This is a broken system: they take someone else's source code, change it a little, call it their own, and even charge for it.
A garbage system, and on top of that the source code is encrypted.
There is a heap of vulnerabilities.
Backend (admin) login authentication file:
<!--#include file="conn.asp"-->
<!--#include file="../class/Config.asp"-->
<!--#include file="inc/md5.asp"-->
<!--#include file="../class/Ubbsql.asp"-->
The page loaded above actually did load the anti-injection code. And the parameters are actually received with a plain request, with no restriction at all, so the various kinds of injection all apply together.
2, Injection in the front-end pages
Set rsnews=Server.CreateObject("ADODB.RecordSet")
sql="update news set hits=hits+1 where id="&id
conn.execute sql
You can use injection transit here. I haven't looked at the other pages.
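A hardened form of the hit-counter update above, as an added example that is not part of the original page or the vendor's code: it reads id from one named collection, accepts decimal digits only, and binds the value as an ADODB.Command parameter. It assumes conn is the open ADODB.Connection created by conn.asp; ParsePositiveId and BumpNewsHits are hypothetical helper names.

```asp
<%
' Added example (not the vendor's code). Assumes conn is the open
' ADODB.Connection created by conn.asp; helper names are hypothetical.
Const adCmdText = 1
Const adInteger = 3
Const adParamInput = 1
Const adExecuteNoRecords = 128

' Returns the id as a Long, or -1 when the input is not 1-9 decimal digits.
' IsNumeric is avoided because it also accepts forms such as "1e3" or "&H10".
Function ParsePositiveId(raw)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"
    If re.Test(raw) Then
        ParsePositiveId = CLng(raw)
    Else
        ParsePositiveId = -1
    End If
End Function

' Increments the hit counter with the id bound as a typed parameter,
' so the value never becomes part of the SQL text.
Sub BumpNewsHits(conn, newsId)
    Dim cmd
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    cmd.CommandText = "UPDATE news SET hits = hits + 1 WHERE id = ?"
    cmd.Parameters.Append cmd.CreateParameter("id", adInteger, adParamInput, , newsId)
    cmd.Execute , , adExecuteNoRecords
    Set cmd = Nothing
End Sub

' Read from one named collection: a bare Request("id") also searches
' Form and Cookies. Repeated id values arrive as "1, 2" and are rejected.
Dim id
id = ParsePositiveId(Trim(Request.QueryString("id")))
If id < 0 Then
    Response.Status = "400 Bad Request"
    Response.End
End If
BumpNewsHits conn, id
%>
```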
Next, look at the vulnerabilities in the admin backend that lead to a shell.
1, Upload vulnerability: it can be uploaded with "bright kid".
2, The database backup has no restrictions at all. Upload an image trojan, then make a backup.
3, Website configuration: a closing-style one-liner can be inserted to get a shell.
For an enterprise site system like this... I'm speechless.