header-logo
Suggest Exploit
vendor:
Joomla com_osproperty
by:
Daniel Barragan 'D4NB4R'
7,5
CVSS
HIGH
Unrestricted File Upload
434
CWE
Product Name: Joomla com_osproperty
Affected Version From: 2.0.2
Affected Version To: 2.0.2
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux(arch)-Windows(7ultimate)
2012

Joomla com_osproperty Unrestricted File Upload

A vulnerability in Joomla's com_osproperty component allows an attacker to upload a malicious file to the server. By accessing the URL http://site/component/osproperty/?task=agent_register, an attacker can complete the form and upload a malicious file instead of a photo. The malicious file will be located in the root /osproperty/agent/ directory.

Mitigation:

Ensure that the application is configured to only allow the upload of files with the appropriate file extensions and that the application is configured to only allow the upload of files with the appropriate file size.
Source

Exploit-DB raw data:

_______________________________________________________________________________________
 
 Exploit Title: Joomla com_osproperty Unrestricted File Upload 

 Google Dork: com_osproperty

 Date: [13-07-2012]

 Author: Daniel Barragan "D4NB4R"

 Twitter: @D4NB4R

 site: http://www.insecurityperu.org/  &  http://poisonsecurity.wordpress.com/

 Vendor: Ossolution Team http://extensions.joomla.org/

 Version: 2.0.2 (last update on Jul 12, 2012)

 License: Commercial $ 28.86us
 
 Tested on: [Linux(arch)-Windows(7ultimate)]


1.  Go to this route
    Ingrese a esta ruta
   
   http://site/component/osproperty/?task=agent_register


2.  Complete the form, raising the shell.php instead of your photo
    Complete el formulario, subiendo la shell.php en lugar de su foto


3.  Locate your file in the root /osproperty/agent/ 
    Busque su archivo en la raiz /osproperty/agent/ 
 
    http://site/images/osproperty/agent/randomid_yourshell.php


Help:  This path can help you find your web shell in case you need it
       Este path le puede ayudar a encontrar su web shell en caso q lo necesite
      
           component/osproperty/?task=agent_default
 

Im not responsible for which is given
No me hago responsable del uso que se le de
_______________________________________________________________________________________
Daniel Barragan "D4NB4R"  2012

Navigation

Suggest Exploit

Services By CQR