Underground Cyber Community


 
IndeksPortalCalendarGalleryFAQPencarianAnggotaPendaftaranLogin
Pencarian
 
 

Display results as :
 
Rechercher Advanced Search
Latest topics
Top posters
PrOReBeLL (140)
 
Pahlawan Bertopeng (120)
 
hacker.software (91)
 
jundue (48)
 
q3qyuu (47)
 
hackerccfresh (40)
 
Arwen Lover's (38)
 
tracksmarket (38)
 
Admin (35)
 
alex11 (33)
 
Map Counter

Share | 
 

 ASP Nuke SQL Injection Vulnerability

Go down 
PengirimMessage
PrOReBeLL
Paling Cool Di PCT
Paling Cool Di PCT
avatar

Jumlah posting : 140
Join date : 13.09.10
Lokasi : Pekanbaru

PostSubyek: ASP Nuke SQL Injection Vulnerability   Thu Sep 16, 2010 12:59 am

Hmm.. Ini Vuln ASP Nuke Yang Kemungkinan Bisa Kita Pelajari...
Cekidot aja deh :


Description :

1)- SQl Injection
This version of ASP Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.


Valnerable Code in .../module/article/article/article.asp:

Ln 37:
sStat = "SELECT art.ArticleID, art.Title, art.ArticleBody, " &_
" auth.FirstName, auth.LastName, " &_
" cat.CategoryName, art.CommentCount, " &_
" art.Created " &_
"FROM tblArticle art " &_
"INNER JOIN tblArticleAuthor auth ON art.AuthorID = auth.AuthorID " &_
"INNER JOIN tblArticleToCategory atc ON atc.ArticleID = art.ArticleID " &_
"INNER JOIN tblArticleCategory cat ON atc.CategoryID = cat.CategoryID " &_
"WHERE art.ArticleID = " & steForm("articleid") & " " &_
"AND art.Active <> 0 " &_
"AND art.Archive = 0"


Considering to the code, you can browse these URLs:

[You must be registered and logged in to see this link.] (the false Query will be shown)
[You must be registered and logged in to see this link.] (this Query is always true)

with the following URL you can find the first character of Username:
[You must be registered and logged in to see this link.]

and second character:
[You must be registered and logged in to see this link.]

and so on.

So you gain Admin's information like this:
Username : admin
Password : (sha256 hash)


Discovery : [You must be registered and logged in to see this link.]
Vendor : [You must be registered and logged in to see this link.]

Sumber:
[You must be registered and logged in to see this link.]


Selamat Mencoba Buat Ngembangin Ilmu kita...hehe

_________________________________________________
Welcome In PCT Forum

[You must be registered and logged in to see this link.]
Kembali Ke Atas Go down
http://prorebell.blogspot.com/
 
ASP Nuke SQL Injection Vulnerability
Kembali Ke Atas 
Halaman 1 dari 1
 Similar topics
-
» Injection Open Loop vs Close Loop
» WATER INJECTION (WAI) FOR N250R
» N250 Fuel injection Kit PNP
» (Ask) Ninja 250 Injection vs. Carbu
» Knalpot R9 Ninja 250 Injection 2013

Permissions in this forum:Anda tidak dapat menjawab topik
Underground Cyber Community :: Hacking :: Tutorial-
Navigasi: