Metasploit mailing list archives
joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE)
From: YGN Ethical Hacker Group <lists () yehg net>
Date: Sun, 29 May 2011 11:37:54 +0800
Not sure whether this has been submitted or not.

James from GulfTech Research and Development coded joomla_filter_order.rb that exploits SQL injection (ref: http://packetstormsecurity.org/files/view/99318/joomla160-sql.txt) in Joomla! 1.6.0 version. The exploit leverages SQL Injection to gain the administrator hash. From that, it attempts to upload a PHP meterpreter shell using the name of the com_joomla component.

http://www.gulftech.org/downloads
https://docs.google.com/leaf?id=0B5oxcQ53hliTNmZlNGJmODEtNmQ3MC00YWI2LThmMTAtZjUzMGU0OTcxOTNh&hl=en

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE) YGN Ethical Hacker Group (May 28)
- Re: joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE) Jeffs (May 29)
- Re: joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE) HD Moore (May 29)
- Re: joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE) GulfTech Security Research (May 31)
- Re: joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE) YGN Ethical Hacker Group (Jun 02)
- joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE) Jeffs (Jun 03)
- Re: joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE) GulfTech Security Research (Jun 03)
- Re: joomla_filter_order.rb (Joomla 1.6.0 SQLIn to RCE) Jeffs (May 29)