The Joomla Hacking Compendium

Download The Joomla Hacking Compendium here. With great pleasure I hereby announce the availability of the new “The Joomla Hacking Compendium”. It contains almost 1000 lines of pure knowledge and shows you the way to hack and protect Joomla. It contains the following chapters: Please find an excerpt below:

Specialist Bed and Breakfast Website SQL Injection Exploit released

Today I am releasing my Specialist Bed and Breakfast Website SQL Injection Exploit (remote). [Download] Description The Specialist Bed and Breakfast Website SQL Injection Exploit takes advantage of a SQL injection vulnerability JaMbA discovered on 30th June 2010. The exploit source code also contains the table structure of the vulnerable product. About the vulnerability Learn […]

Joomla Component BF Quiz SQL Injection Exploit released

Today I am releasing my Joomla Component BF Quiz SQL Injection Exploit. It exploits a vulnerability within the Joomla component BF Quiz I found a few hours ago. Please click here to download the Python sploit. Usage example: python joomla_com_bfquiz_sploit.py -u "http://target/index.php?option=com_bfquiztrial&view=bfquiztrial&catid=34" Features: – Check if the provided URL is reachable – Display current database, […]

Automated Joomla SQL Injection Exploiter

Today I am releasing my Automated Joomla SQL Injection Exploiter version 1.0 (23rd May 2010). [Download here] I wrote this tool because I did not want to write a new exploit every time a new Joomla (component/module/plugin) SQL injection vulnerability was discovered/revealed. Simply hand over a vulnerable Joomla URL to the tool and receive all Joomla […]

Joomla com_qpersonel SQL Injection Remote Exploit released

Today I decided to release my Joomla com_qpersonel SQL Injection Remote Exploit. It exploits a SQL injection vulnerability I found a few weeks ago. The sploit is based on my column fuzzer and the enhanced Joomla exploitation tool I wrote 🙂 You can find the exploit here.