Posted on 2 Comments

Joomla Error-Based SQL Injection exploit for enumeration

Good Evening Friends. Today we will see how to exploit the “Joomla Error-Based SQL Injection” vulnerability found recently to enumerate usernames and password hashes found in remote servers where Joomla is installed. This vulnerability is found in Joomla versions 3.2 to 3.4.4. Now let’s see how to use this exploit to enumerate usernames and password hashes. This exploit is available in Metasploit. I am testing this exploit on Joomla version 3.4.4.

joomla error-based sql injection0

Start Metasploit and load the exploit as shown below.

joomla error-based sql injection1

Set the required options as shown below and type command “exploit”. After some time, a text file containing usernames and password hashes is downloaded and stored in your system as shown below.

joomla error-based sql injection3

Now open the text file with any text editor available in kali Linux. I have used gedit.

joomla3

This is the text file we have downloaded. As you can see below, we can see usernames and password hashes of the joomla installation.

joomla error-based sql injection4

2 thoughts on “Joomla Error-Based SQL Injection exploit for enumeration

  1. […] Evening Friends. In our previous howto, we have seen how to use Joomla com_contenthistory Error-Based SQL Injection exploit. Today we will see how to exploit the WordPress Ajax Loadmore PHP upload vulnerability using […]

  2. […] exploit which affects Joomla versions 1.5.0 to 3.4.5. We have also seen another exploit  “Joomla Error-Based SQL Injection exploit for enumeration ”  which affects Joomla versions 3.2 to 3.4.4. To successfully exploit these […]

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.