joomla deserialization vulnerability in getshell&&command execution-vulnerability warning-the black bar safety net

ID MYHACK58:62201570201
Type myhack58
Reporter whirlwind
Modified 2015-12-20T00:00:00


Note: 1. Remember the command after the points number, the command with single quotes. 2. For learning php code to use


`php joomla.php getshell

php joomla.php the command 'phpinfo();" ! 2015-12-17 01-08-13 of the screen captures of Fig. png Download:

Update using the$_SERVER[\'DOCUMENT_ROOT\']directly, rather than the silly first phpinfo to match. Then sent a test php joomla.php getshell