By Mr. DzYFrom www.0855. TV
Source code download: http://www.mycodes.net/25/4585.htm
Default background: admin/login. asp
Injection point: http://www.bkjia.com/shownews.asp? Id = 216
Exp:Javascript: alert (document. cookie = "id =" + escape ("216 and 1 = 2 union select 1, username, password, 10 from admin "));
There are 12 fieldsJavascript: alert (document. cookie
Author: redice
My younger brother and friend's website has been visited by XXX. I checked it for help.
I found a news display page, tried SQL Injection, and was told that IDS intercepted the request.
As follows:
Based on the connection on the prompt page, I found the website "chuangzhi IIS firewall". I will take a look at the product introduction.
It is also an ISAPI-based WAF. I personally feel that ISAPI is too dependent on the IIS version, a
a cookie injection problem ~ Please look at the connection below (for example, so the connection is not true)
Http://www.xxx.com/1.asp?id=123
If we only lose http://www.xxx.com/1.asp, we can not see the normal data, because there are no parameters! We would like to know if there is a problem with cookies (i.e. there is no request ("XXX") format problem), first use IE input http:// Www.xxx.com/1.asp
Load
Author: MindI have read some comments from my xhming article.Download boblog again.The injection vulnerability has been identified by xhming.Previously, I found an injection vulnerability similar to this vulnerability.Unfortunately ....View the code in the classic dialog boxIndex. php1If ($ go) @ list ($ job, $ itemid) = @ explode (_, basename ($ go ));The original inje
There are two main types of ASP acquisition parameters:Request.QueryString (Get) or Request.Form (POST)We sometimes write Id=request ("ID") to simplify the code, because there is a problem with the writing ...
The original Web service reads data like this:Take the data in get, no more data in the post, and fetch the data from cookies! That's what I found out.The usual anti-injection system, he detects the data in Get and post, if there are special ch
Release date:Updated on: 2013-04-10
Affected Systems:ESPCMSDescription:--------------------------------------------------------------------------------ESPCMS is an enterprise website management system developed based on LAMP.ESPCMS has a cookie injection vulnerability in an in_list function. The problem code obtains the value of cookies ['ecisp _ order_list '], which is directly used to construct SQL state
ShowSmallClassType = ShowSmallClassType_ArticleDim IDID = trim (request ("ID "))If ID = "" thenResponse. Redirect ("cg_Product.asp ")End if
SQL = "select * from cg_Product where ID =" ID ""Set rs = Server. CreateObject ("ADODB. Recordset ")Rs. open SQL, conn, 1, 3If rs. bof and rs. eof thenResponse. write ""ElseRs ("Hits") = rs ("Hits") + 1Rs. update%>
Only get post is filtered and cookie injection exists.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.