Exploit - Joomla Registrationpro - Sky_BlaCk

1. ######################################################################################################
2. ___________ .__ .__ __ ____. .__
3. \_ _____/___ _________ | | ____ |__|_/ |_ | | ____ ____ _____ | | _____
4. | __)_ \ \/ /\____ \ | | / _ \ | |\ __\ | | / _ \ / _ \ / \ | | \__ \
5. | \ > < | |_> >| |__( <_> )| | | | /\__| |( <_> )( <_> )| Y Y \| |__ / __ \_
6. /_______ //__/\_ \| __/ |____/ \____/ |__| |__| \________| \____/ \____/ |__|_| /|____/(____ /
7. \/ \/|__| \/ \/
8. ######################################################################################################
9.  
10. #############################################################################
11. _________ __ __________ .__ _________ __
12. / _____/| | __ ___.__. \______ \| | _____ \_ ___ \ | | __
13. \_____ \ | |/ /< | | | | _/| | \__ \ / \ \/ | |/ /
14. / \| < \___ | | | \| |__ / __ \_\ \____| <
15. /_______ /|__|_ \ / ____| ______ |______ /|____/(____ / \______ /|__|_ \
16. \/ \/ \/ /_____/ \/ \/ \/ \/
17. #############################################################################
18.  
19.  
20. # Exploit Título : Multiple vulnerabilities Joomla Registrationpro
21. # Exploit Autor : Sky_BlaCk
22. # Versión : 1.5,1.7
23. # Tested on : Window and Linux
24. # Google dork : [inurl:index.php?option=com_registrationpro]
25.  
26. ---------------------------
27. # ~ Explotación ~ #
28. ---------------------------
29.  
30. Concept:
31.  
32. SQL Injection is a method of infiltration arbitrary code that uses a computer vulnerabilities present in an application-level input validation to query a database.
33.  
34. The origin of the vulnerability lies in the wrong check and / or filtering of the variables used in a program that contains.
35.  
36. ----------------------------
37. # PoC - SQLi and BlindSQLi #
38. ----------------------------
39.  
40. Variable : did
41.  
42. http://www.sitio.com/index.php?option=com_registrationpro&view=event&Itemid=106&did=163
43.  
44. http://www.sitio.com/index.php?option=com_registrationpro&view=event&Itemid=106&did=163&lang=es
45.  
46.  
47. ----------------------------
48. # PoC - SQLi and BlindSQLi #
49. ----------------------------
50.  
51. Variable : did
52.  
53. http://www.sitio.com/index.php?option=com_registrationpro&view=attendees&tmpl=component&did=37
54.  
55. http://www.sitio.com/index.php?option=com_registrationpro&view=attendees&tmpl=component&did=37&lang=es
56.  
57.  
58. ---------------
59. # PoC - SQLi #
60. ---------------
61.  
62. Variable : id
63.  
64. http://www.sitio.com/index.php?option=com_registrationpro&view=category&id=1
65.  
66. http://www.sitio.com/index.php?option=com_registrationpro&view=category&id=2&Itemid=1
67.  
68.  
69.  
70. Recommendations:
71.  
72. Well this these vulnerabilities presented in this post are considered the most common on websites. But as we see everything is based on the incorrect validation of the variable which gives income to the attack. I recommend foreground properly validate this using variables for power so neglecting attacks.
73.  
74.  
75. Regards :
76.  
77. TodakarHD - Cat Duh - Nettux Alset - You Fckme Niga - Kais pattern and my other friends ..... ^_^