Entries of May, 2010

Today I am releasing my Joomla Component BF Quiz SQL Injection Exploit. It exploits a vulnerability within the Joomla component BF Quiz I found a few hours ago. Please click here to download the Python sploit. Usage example: python joomla_com_bfquiz_sploit.py – u “http://target/index.php?option=com_bfquiztrial&view=bfquiztrial&catid=34″ Features: – Check if the provided URL is reachable – Display current database, […]

(Continue reading…)

Please view the original advisory here. The Joomla Component BF Quiz fails to sanitize the input passed trough the parameter “catid”. Therefore the software is exposed to SQL injection attacks. I found this vulnerability while testing my new self-coded SQL injection vulnerability scanner (will be released soon). When I first had a look at this […]

(Continue reading…)

Please view the full advisory/exploit here. The Joomla Component Reservations is exposed to XSS attacks.

(Continue reading…)

Please view the document here. The Joomla Component My Car (V. 1.0) is exposed to XSS attacks. Due to SQL errors it is furthermore possible to reveal sensitive information (e.g. the absolute path of the website and queries).

(Continue reading…)

Today I am releasing my Automated Joomla SQL Injection Exploiter version 1.0 (23th May 2010). [Download here] I wrote this tool because I did not want to write a new exploit every time when a new Joomla (component/module/plugin) SQL injection vulnerability was discovered/revealed. Simply hand over a vulnerable Joomla URL to the tool and receive all Joomla […]

(Continue reading…)

Today I decided to release my Joomla com_qpersonal SQL Injection Remote Exploit. It exploits a SQL injection vulnerability I found a few weeks ago. The sploit is based on my column fuzzer and the enhanced Joomla exploitation tool I wrote You can find the exploit here.

(Continue reading…)

Edit 23th May: Version 1.1 released. Today I released the Full Automated Column Finder for SQL Injection (Python script). It is a column fuzzer which helps you saving time. [Download here] Description The Full Automated Column Finder helps you to determine the correct amount of columns of the current SQL query. It is useful for […]

(Continue reading…)

Today I donated a few Dollars to the Open Security Foundation. I believe that the money is well invested! As it seems I am the first one to donate at the OSVDB Spring 2010 Fundraiser http://www.opensecurityfoundation.org/

(Continue reading…)

As you noticed I switched to a different theme today. It is nothing special, but I like it!

(Continue reading…)

Please view the original advisory here. # Exploit Title: Joomla Component ActiveHelper LiveHelp XSS Vulnerabilities # Date: 18.05.2010 # Author: Valentin # Category: webapps/0day # Version: 2.0.3 # Tested on: # CVE : # Code : [:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::] >> General Information Advisory/Exploit Title = Joomla Component ActiveHelper LiveHelp XSS Vulnerabilities Author = Valentin Hoebel […]

(Continue reading…)