After the vulnerability in Guilin Veteran's ASP Webmaster Assistant 5.0, the veteran is out again with a new version (the latest version: 6.0). The interface is good, it is now a graphical version, and it has a lot more functions than the previous version. My favorite thing is using the veteran's tools, haha ~ Let's see how the veteran's interface looks.
This version uses an embedded format, so the page's parameters can no longer be found just by looking at it, which is a lot better than the old version. For this loophole we still use the 5.0 method to carry out the testing. First of all, we start testing on the login page; haha, WSE is still the better tool for this. We first capture packets to determine whether there is a loophole.
The packet information is as follows (excerpt):
(1)
POST /21.asp HTTP/1.1
Cookie: boardlist=boardid=show; tz=480; Sp1=1; Aspsessionidqabscdtq=ccfnjnlbccgkkigmhonehlpa
loginpass=
The above is the cookie information intercepted when no password was entered.
(2)
POST /21.asp HTTP/1.1
Cookie: boardlist=boardid=show; tz=480; Sp1=1; Aspsessionidqabscdtq=ccfnjnlbccgkkigmhonehlpa
Loginpass=gxgl.com
The above is the packet information after the correct password is entered.
From the above, what have you found?! The first half of the cookie (before Loginpass) is the same in both captures: boardlist=boardid=show; tz=480; Sp1=1. This string will keep appearing throughout this article. Judging by these packets, the possibility of deceiving the program is very low, so let's see what another function page looks like.
The capture for the new-file function is as follows:
GET /21.asp?Action=editfile HTTP/1.1
Cookie: boardlist=boardid=show; tz=480; Sp1=1; Aspsessionidqabscdtq=kcfnjnlbbnogefkoegempgch
What is the difference between the above and the earlier captures? Haha ~ ~ We can try to use this to cheat our way into the function page. Because, at the time of writing, the program itself had not been obtained, we had to use a clumsy approach.
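The comparison made by eye above can be done mechanically when reviewing captures like these. The following is an added example, not part of the original article: it parses the three Cookie headers quoted above (embedded as constructed input) and reports which fields are identical in every capture and which differ. The function names are assumptions chosen for illustration.

```python
# Constructed input: the Cookie headers copied from the three captures above.
CAPTURES = {
    "login, no password": "boardlist=boardid=show; tz=480; Sp1=1; "
                          "Aspsessionidqabscdtq=ccfnjnlbccgkkigmhonehlpa",
    "login, correct password": "boardlist=boardid=show; tz=480; Sp1=1; "
                               "Aspsessionidqabscdtq=ccfnjnlbccgkkigmhonehlpa",
    "Action=editfile": "boardlist=boardid=show; tz=480; Sp1=1; "
                       "Aspsessionidqabscdtq=kcfnjnlbbnogefkoegempgch",
}


def parse_cookie_header(value):
    """Split a Cookie header value into {name: value}.

    Only the first '=' separates name from value, so a value that itself
    contains '=' (boardlist=boardid=show) is kept whole.
    """
    cookies = {}
    for pair in value.split(";"):
        pair = pair.strip()
        if not pair:
            continue
        name, sep, val = pair.partition("=")
        cookies[name] = val if sep else ""
    return cookies


def compare_captures(captures):
    """Return (constant, varying) cookie fields across all captures."""
    parsed = {label: parse_cookie_header(h) for label, h in captures.items()}
    names = set().union(*parsed.values())
    constant, varying = {}, {}
    for name in sorted(names):
        # A field missing from a capture shows up as None and counts as varying.
        values = {label: c.get(name) for label, c in parsed.items()}
        distinct = set(values.values())
        if len(distinct) == 1:
            constant[name] = distinct.pop()
        else:
            varying[name] = values
    return constant, varying


if __name__ == "__main__":
    constant, varying = compare_captures(CAPTURES)
    print("identical in every capture:", constant)
    for name, per_capture in varying.items():
        print("differs:", name, per_capture)
```

On these three captures the static fields (boardlist, tz, Sp1) are reported as constant, and the only field that changes is the ASP session cookie.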
We test with the upload tool ~ It has a field for filling in a cookie ~ ~ so it can be used to try to deceive the program.
If you enter http://***.***.***.***/21.asp?Action=editfile directly in IE, a prompt box appears asking for the password, so we use this page for the attempt. After a long test, we found that the program completely prevents cookie spoofing; there is no way at all to use false cookie information to cheat the program. Yyd, did we lose at researching 6.0?
PostScript: The first test really could cheat its way in. Because the program itself had still not been obtained, we had to test with some garbage methods that were not guaranteed to succeed ~ ~