Old A horse black method-vulnerability warning-the black bar safety net

2009-04-26T00:00:00
ID MYHACK58:62200923049
Type myhack58
Reporter 佚名
Modified 2009-04-26T00:00:00

Description

Originally when the default database is ASP, plug horses, cross-site, and inject all there

The way injection: showmb. asp

<%

Set conn = Server. CreateObject("ADODB. Connection")

conn. open "Provider = Microsoft. Jet. OLEDB. 4. 0;Data Source = " & Server. MapPath("laoa123qafd5q. asp")

set rs = server. createobject("ADODB. recordset")

Strsql = "select * From data where 1=1 and u ='"& Request("u") &"'"

rs. open Strsql,conn,1,1

if rs. RecordCount=0 then

response. Write("no record")

end if

%>

Then the new version adds an anti-brush code given breakthrough method:

Code: if cint(request("fm"))<>GetCRCVal(Request("u")&Request("p")&SFM) then response. End()

FM is the CAPTCHA, if by crack the encryption breakthrough is not very convenient

But it just by the username, the password, the other can still be bypassed, and the newly added anti - SQL injectiononly for GET and POST, COOKIES submit to continue!!!!

As long as the capture after the data packet is then submitted once, wherein the modifying Request("js")to read cookie submit it~~