Patch Bug, Exploit Com_User (CMS Joomla)

by Nue Bhandell - 03-10-2016 at 10:25 AM
Staff
Moderators
Posts:
45
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#1
OP
Posted: 03-10-2016, 10:25 AM
ixxiixhi, sore temen2 Linuxer.
ini post pertama tutorial gue di room ini akwkaw.
tutor cupu, yang dh master minggir dlu bebz  :heart:

okeii langsung aja.
Masuk/Login dulu ke website berbasis Joomla yang vuln exploit Com_User.

ketika belum di patch , tampilan web ketika ditambahkan exploit masih bisa untuk registrasi.
*muncul form utk registrasi akun.
exploit: index.php?option=com_users&view=registration 

sekarang kita patch.
klik user ~> user manager

muncul gambar seperti di ss:

[Image: EFF26NT.png]

lalu klik options cari > Allow User Registration > ubah dari yes ke no

[Image: tg41CUz.png]

lalu klik save & close


coba kita lihat exploit index.php?option=com_users&view=registration 
di web tadi
contoh: webanda.com/index.php?option=com_users&view=registration 

sudah deh, sudah tidak ada yang bisa exploit/registrasi lagi di website  :D
Semoga membantu gengs <(")
 Salam para penjinak pinguin :v , Viva Real Tux Warrior Gaes :'v wkkwkwkw

untuk Full SS, bisaKunjungin blog saya yee Gengs: http://tkjcyberart.blogspot.co.id/2015/0...muser.html


sampai ketemu di next tutorial, bye.
Reply
Find Posts
Satpam
Moderators
Posts:
33
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#2
Posted: 03-10-2016, 10:37 AM
(03-10-2016, 10:25 AM)Nue Bhandell Wrote: ixxiixhi, sore temen2 Linuxer.
ini post pertama tutorial gue di room ini akwkaw.
tutor cupu, yang dh master minggir dlu bebz  :heart:

okeii langsung aja.
Masuk/Login dulu ke website berbasis Joomla yang vuln exploit Com_User.

ketika belum di patch , tampilan web ketika ditambahkan exploit masih bisa untuk registrasi.
*muncul form utk registrasi akun.
exploit: index.php?option=com_users&view=registration 

sekarang kita patch.
klik user ~> user manager

muncul gambar seperti di ss:

[Image: EFF26NT.png]

lalu klik options cari > Allow User Registration > ubah dari yes ke no

[Image: tg41CUz.png]

lalu klik save & close


coba kita lihat exploit index.php?option=com_users&view=registration 
di web tadi
contoh: webanda.com/index.php?option=com_users&view=registration 

sudah deh, sudah tidak ada yang bisa exploit/registrasi lagi di website  :D
Semoga membantu gengs <(")
 Salam para penjinak pinguin :v , Viva Real Tux Warrior Gaes :'v wkkwkwkw

untuk Full SS, bisaKunjungin blog saya yee Gengs: http://tkjcyberart.blogspot.co.id/2015/0...muser.html


sampai ketemu di next tutorial, bye.

Mantab,mas.
Nambah ilmu lagi buat ayas.
Nice share.
Reply
Find Posts
Junior Member
Posts:
33
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#3
Posted: 03-10-2016, 11:14 AM
komen ^_^
Reply
Find Posts
Staff
Moderators
Posts:
45
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#4
OP
Posted: 03-10-2016, 11:43 AM
(03-10-2016, 11:14 AM)anongep Wrote: komen ^_^

tengkyu :v akwkkaw
Reply
Find Posts
Junior Member
Posts:
13
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#5
Posted: 03-11-2016, 10:58 AM
ntabss om nue .
Reply
Find Posts
./Bug7sec Team
Posts:
13
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#6
Posted: 03-11-2016, 11:00 AM
mantap mas
Reply
Find Posts
Staff
Moderators
Posts:
45
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#7
OP
Posted: 03-12-2016, 02:20 PM (This post was last modified: 03-12-2016, 02:21 PM by Nue Bhandell.)
(03-11-2016, 10:58 AM)oepilcore Wrote: ntabss om nue .

awkawkaw eh om oepil  :heart:
uihh tengkyuu om

(03-11-2016, 11:00 AM)Logika Galau Wrote: mantap mas

awkkawkaw iya2 tengkyuu bang  :D
Reply
Find Posts
Junior Member
Posts:
37
Joined:
Mar 2016
Likes:
0
Reputation:
0
2 Year Of Member
#8
Posted: 03-28-2016, 04:44 AM
thanks ilmunya gan ^_^
Reply
Find Posts
Register an account or login to reply
Create an account
Create a free account today and start posting right away. It only takes a few seconds.
Login
Log into an existing account.
1 Guest(s)