BBSXP5.15 the latest vulnerability to thin version _ vulnerability Research

Source: Internet
Author: User
Tags add numbers md5
First open www.google.com in the input po......bbsxp5.15 there are many such forums, any point, good on this bbs.yuntea.com really lucky, this station has not patched, a gas to kill in the end, bbsxp5.15 the latest loopholes, The vulnerability is mainly in the blog.asp allows you to directly construct database commands
Blog.asp?id=1%20union%20select%20top%201%201,[adminpassword],1,1,1,1,1%20from%20[clubconfig]
The MD5 password for the backstage director is displayed.
The front code can also come out,
Online already has related animation, software.
To exploit this loophole, there must be a batch of Bbsxp's website going down.
The next step is to talk about tools, and get ready for MD5 password crackers.
About the MD5 crack, compare to have Md5cracker Speed Enhancement edition.
1. Run with 8-or 9-digit digits first. Soon.
2. If not, run in lowercase letters. Choose 5-6 bit better.
3. No more, that means the cipher may add numbers to the alphabet and take a chance. Can be configured with a boutique from the code, such as 10G,
Run on and on for a few hours. (Your machine must be well configured)
4. No more, suggest to give up, too sick.
Front desk OK ... Background password ... (Note: You must know the administrator's account number)
The direct default configuration is to get the background password directly ...
Directly to the front desk MD5 password burst out.
The rest of the matter is cracked MD5.
Now it's time to start working on the http://bbs.yuntea.com/+bl......ion%20select%20top%201%201,[adminpassword],1,1,1,1,1%20from%20[ Clubconfig]
becomes a http://bbs.yuntea.com/blo......ion%20select%20top%201%201,[adminpassword],1,1,1,1,1%20from%20[clubconfig]
His password is 7cb2be65eb9f215215a0725a10b6e39e may be the front of the password and the same background, if there are 2 encryption password that is to represent 1 is the foreground of one is backstage, not much said, see operation
According to the above tools introduced first with digital,
is breaking = = patience and so on
I'll take a message, people don't mind
Out, the password is 82246124, login, his account number is Wzwu, password 82246124, login success, backstage login, password 82246124, login success, the following due to know, I will not say more, lest be scolded by others.
BBsxp5.15 the original author of the latest vulnerability is unclear

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.