Hui-Bo Shopping Mall system V6. 0 injection vulnerability analysis-vulnerability warning-the black bar safety net

2010-09-24T00:00:00
ID MYHACK58:62201027934
Type myhack58
Reporter 佚名
Modified 2010-09-24T00:00:00

Description

Published:2010-09-23

Affected version:Hui-Bo Shopping Mall system V6. 0

Vulnerability description: injection vulnerability

Publishing author: m4r10 <http://hi.baidu.com/m4r10> reproduced please indicate the copyright

Vulnerability analysis:product_inc. asp, checkSQL. asp

product_inc. asp:

Id = Trim(Request. QueryString("id")) If Id="" then Response. Write("<script language='javascript'>alert('the product does not exist!'); history. go(-1);</script>") Response. End End If

Only filter up the front and rear spaces, after the file call checkSQL. asp universal anti-injection.

checkSQL. asp:

Line 6: The Fy_Url=Request. ServerVariables("QUERY_STRING")

This is not to say that large cattle were many years ago for this General purpose anti-implantation were studied. Directly below given the use of the process

The exploit: the

<http://URL/product.asp?%69d=1> throw into the injection tool ran directly to

Note: the 6.0 later joined the CNum function IsNumeric determine with the CLng conversion filter here injected

The other day in the black hat forum users go, I was not given the use of last night to write this analysis process, today issued to it, very simple.