Joomla OS Property 2.0.2 Unrestricted File Upload

2012-07-14 15:05:05

_______________________________________________________________________________________

Exploit Title: Joomla com_osproperty Unrestricted File Upload

Google Dork: com_osproperty

Date: [13-07-2012]

Author: Daniel Barragan "D4NB4R"

Twitter: @D4NB4R

site: http://www.insecurityperu.org/ & http://poisonsecurity.wordpress.com/

Vendor: Ossolution Team http://extensions.joomla.org/

Version: 2.0.2 (last update on Jul 12, 2012)

License: Commercial $ 28.86us

Tested on: [Linux(arch)-Windows(7ultimate)]


1. Go to this route
Ingrese a esta ruta

http://site/component/osproperty/?task=agent_register


2. Complete the form, raising the shell.php instead of your photo
Complete el formulario, subiendo la shell.php en lugar de su foto


3. Locate your file in the root /osproperty/agent/
Busque su archivo en la raiz /osproperty/agent/

http://site/images/osproperty/agent/randomid_yourshell.php


Help: This path can help you find your web shell in case you need it
Este path le puede ayudar a encontrar su web shell en caso q lo necesite

component/osproperty/?task=agent_default


Im not responsible for which is given
No me hago responsable del uso que se le de
_______________________________________________________________________________________
Daniel Barragan "D4NB4R" 2012

Fixes

No fixes

In order to submit a new fix you need to be registered.