Tag: sql injection
Joomla components suffer SQL injection risks.
by The Uni-Hacker on Jun.04, 2008, under Misc
Three Joomla components have been found to have some serious security issues, all three are susceptible to remote SQL injection via HTML GET. All three scripts, Joomla iDoBlog, Joomla Radio, and Joomla Quotes have the SQL injection exploit. This exploit was released today while yesterday two other Joomla components had similar issues with SQL injection.
The recent SQL injection exploits on these components raises the question of integrity and security of the software. As it stands now, users shouldn’t be using Joomla components if they don’t how to check for these sort of exploits.
SQL can be passed to all three components through the id argument.
http://localhost/[Joomla_Path]/index.php?option=com_equotes&id=13 and 1=1 UNION SELECT user(), user(),user(),user(),user(), concat(username,0x3a,password), user(),user(),user(),user(),user(),user(), user(),user(),user(), user() FROM jos_users
Joomla eQuotes SQL Injection
by The Uni-Hacker on Jun.03, 2008, under Misc
For anyone running the Joomla eQuotes module, be warned. The eQuotes mod is susceptible to SQL injection, and could cause some major headaches if someone actually performs this on your site.
The SQL injection is inserted on the id parameter of the URI. A union select can pull the fields you want from the database.
http://localhost/[Joomla_Path]/index.php?option=com_equotes&id=13
and 1=1 union select user(),concat(username,0×3a,password),user(), user(),user(),user(),user() FROM jos_users
It’s recommended that you change some roles on your MySQL username. Using stored procedures can also prevent a lot of SQL injection attacks such as these, but that would be up to the software developer not the end user….
SQL Injection Howto
by The Uni-Hacker on May.02, 2008, under Security
SQL injection is probably one of the most widely used techniques for hacking websites. Hackers can look at the form variables on a website to determine if it could possibly be injected with SQL. Many home made website portals can easily be hacked because SQL injection prevention can be time consuming for programmers, and many people don’t know how to protect against SQL injection.
Lets take a look at the following SQL statement.
Statement: select * from users where username=’ + $formUserName + ‘;
$formUserName data comes in from an HTML form from your website. This is the key variable in the script that you will use to inject SQL code into. Lets look at the hacked, SQL injected version.
(continue reading…)
