Zhuo Xun smart website management system EmteEasySite vulnerability and repair

Source: Internet
Author: User

Zhuo Xun intelligent website management system EmteEasySite

 
Official Website: http://www.emte.com.cn/
 
Baidu search:
 
Technical support: Zhuo Xun Technology
 
Go directly to the admin backend login page and check whether the copyright notice identifies an EmteEasy system.
 
/Main/login.asp
 
Vulnerability exploitation:
 
The database at its default path can be downloaded:
/Db/%23EMTE^@DATEBASE.MDB
 
Open the AdminUser table after the download.
 
The AName2 and Apass2 columns hold the administrator's account and password in plaintext.
 
PS: (The account is followed by MD5-encrypted values, yet there is plaintext too? What was the developer thinking?)
 
Editor Upload Vulnerability
http://www.bkjia.com/!Emte%5E=.Editor/adminlogin.asp
 
Admin
 
As with the eWebEditor admin backend: Style Management > Settings > add the aaspsp format to get past the upload filter.
 
SQL Injection Vulnerability
Simply add a single quote (') to expose the vulnerability.
 
You can hand it over to the AhD tool for injection.
 
Table: adminuser
 
Columns: account aname2, password apass2
 
Some versions support database backup in the admin backend: use Opera to view the page source and change the backup address to the address of your image script.
 
Some versions, sadly, have no database backup feature. There you can try the editor vulnerability to get a shell!

Fix: hash passwords with MD5 and apply strict filtering.
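
One way to implement the "strict filtering" fix for the editor upload issue, as an added example that is not EmteEasySite or eWebEditor code. It assumes the upload filter deletes blocked tokens from the configured extension list in a single pass (which is why an entry such as aaspsp survives as asp) and contrasts that with allow-list validation; all function names, the blocked list and the allow-list are constructed for illustration.

```python
import re

# Constructed values, not taken from EmteEasySite or eWebEditor source.
BLOCKED = ("asp", "asa", "cer", "cdx")
ALLOWED = frozenset({"gif", "jpg", "jpeg", "png", "bmp"})
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})")


def naive_sanitize(ext_setting: str) -> str:
    """Weak pattern (assumed): delete each blocked token once from the list.

    The deletion itself can splice a blocked token back together.
    """
    for token in BLOCKED:
        ext_setting = ext_setting.replace(token, "")
    return ext_setting


def strict_setting(ext_setting: str) -> list:
    """Hardened: validate each entry against an allow-list; reject, never rewrite."""
    exts = [e.strip().lower() for e in ext_setting.split("|") if e.strip()]
    rejected = [e for e in exts if e not in ALLOWED]
    if rejected:
        raise ValueError("extensions not permitted: %s" % ", ".join(rejected))
    return exts


def upload_allowed(filename: str, configured: list) -> bool:
    """Accept only 'name.ext' with one extension that is both configured and on
    the hard-coded allow-list, so a tampered setting alone is not enough."""
    match = SAFE_NAME.fullmatch(filename)
    if not match:
        return False
    ext = match.group(1).lower()
    return ext in configured and ext in ALLOWED


if __name__ == "__main__":
    setting = "gif|jpg|aaspsp"            # constructed style setting
    print(naive_sanitize(setting))         # blocked token reappears after stripping
    try:
        strict_setting(setting)
    except ValueError as exc:
        print("rejected:", exc)
    print(upload_allowed("photo.JPG", ["gif", "jpg"]))
    print(upload_allowed("page.asp", ["gif", "jpg", "asp"]))
```
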
