Tutorial Deface Joomla Com_User

[+] Post Title :

Tutorial Deface Joomla Com_User

[+] Date : Selasa, 18 Februari 2014
[+] Author : SixZero
[+] Link : https://b-h-t.blogspot.com/2014/02/tutorial-deface-joomla-comuser.html
[+] Type : Tutorial

Joomla exploit com_users to deface
This totorial just to lamer like me

for tools in
http://pastebin.com/2UHzwTuR (copy to notepad and Save exploite.html
shell < using google

Note: not all website are vulnerable in this exploit

1.Check admin login page and Search target Vuln
http://site.com/administrator
Example target vuln :
http://www.jto.lt/administrator

2.Input  in url
index.php?option=com_users&view=registration
example :
http://jto.lt/index.php?option=com_users&view=registration

3.CTRL+U > CTRL+F and search "hidden"
example :
                            <input type="hidden" name="option" value="com_users" />
                            <input type="hidden" name="task" value="registration.register" />
                            <input type="hidden" name="c74b0a0fc27dea74f837b327b1feb230" value="1"
Copy the colour red to Exploite.html

4.replace the information with your data email,name,etc

5.go back Joomla exploit.html

6.click register

7.input the password once again with the same password

8.open email and click activation url

9.login your target
http://site.com/administrator/

10.Upload Shell And Deface