INJECTION SQL IN MODULE ASP AND PHP |
Post Reply |
Author | |
Thebras
Newbie Joined: 19 May 2011 Status: Offline Points: 3 |
Post Options
Thanks(0)
Posted: 19 May 2011 at 10:40am |
HELLO
You have injections SQL in all your query For an windows server IIS + ASP the loggin with ADMINISTRATOR ACCOUNT IS BYPASSABLE !! Please learn to devellop in php or .net thanks for all your client. |
|
BIND
|
|
AndrewD
Groupie Joined: 03 May 2008 Location: Australia Status: Offline Points: 71 |
Post Options
Thanks(0)
|
The sample asp and php sites are simple sites that are provided "as is". My updated site that is listed in my signature below is blocking injections to the best of my checking.
If you are aware of any open injections please let me know the relevent page and control and I will fix them. Thankyou for your fedback.
|
|
Spamfilter web interface. www.tyrexpg.com.au
See http://www.logsat.com/SpamFilter/Forums/forum_posts.asp?TID=6883 |
|
Thebras
Newbie Joined: 19 May 2011 Status: Offline Points: 3 |
Post Options
Thanks(0)
|
EDIT :
folow: http://www.tyrexpg.com.au/Settings.asp?Setting=Domains&A=Edit&U=152&D=-1%20union%20select%201 MySQL][ODBC 3.51 Driver][mysqld-5.0.67-community-nt]The used SELECT statements have a different number of columns /Settings.asp, line 2698
it's in YOUR application :/ Goto: php is more easy to have an safety application. sry for my english, i'm french ________________ Oh ! It's not about the sample version. (so the sample have sql injection on each query) (i had php in the title because i see injection in the code.) In my compagny we have a full version, Look the file into the directory SpamfilterWeb : SpamFilterWeb$ find . . ./css ./css/styles1.css ./default.asp ./images ./images/cal.gif ./images/double_left.gif ./images/submit_button_org.gif ./images/databoxes_right.gif ./images/right.gif ./images/databoxes_left.gif ./images/down.gif ./images/widget_close_box_dark.gif ./images/spacer.gif ./images/previous.gif ./images/up.gif ./images/next.gif ./images/last.gif ./images/left.gif ./images/expand.gif ./images/banner_logout.gif ./images/double_right.gif ./images/first.gif ./images/collapse.gif ./images/nav_carrot_orange.gif ./README.TXT ./db ./db/alter_tbllogins.sql ./db/create_tbl_logindomains.sql ./db/MySQL-Update-v3.5.3.695.sql ./classicasp ./classicasp/countries.asp ./classicasp/incExchangeDataBoxes.js ./classicasp/SubmitProfile.asp ./classicasp/css ./classicasp/css/styles1.css ./classicasp/sfdb.asp ./classicasp/ListUsers.asp ./classicasp/AssignRandPassword.asp ./classicasp/utils.asp ./classicasp/SubmitLogon.asp ./classicasp/Profile.asp ./classicasp/const.asp ./classicasp/default.asp ./classicasp/spf.asp ./classicasp/adovbs.inc ./classicasp/SubmitSuperUser.asp ./classicasp/incexchangedataboxes.asp ./classicasp/Login.asp ./classicasp/PasswordChange.asp ./classicasp/images ./classicasp/images/cal.gif ./classicasp/images/double_left.gif ./classicasp/images/submit_button_org.gif ./classicasp/images/databoxes_right.gif ./classicasp/images/right.gif ./classicasp/images/databoxes_left.gif ./classicasp/images/down.gif ./classicasp/images/widget_close_box_dark.gif ./classicasp/images/spacer.gif ./classicasp/images/previous.gif ./classicasp/images/up.gif ./classicasp/images/next.gif ./classicasp/images/last.gif ./classicasp/images/left.gif ./classicasp/images/expand.gif ./classicasp/images/banner_logout.gif ./classicasp/images/double_right.gif ./classicasp/images/first.gif ./classicasp/images/collapse.gif ./classicasp/images/nav_carrot_orange.gif ./classicasp/securecheck.asp ./classicasp/logoutdisplay.asp ./classicasp/setpwd.asp ./classicasp/FilterSettings.asp ./classicasp/ForgotPassword.asp ./classicasp/ResolveSpam.asp ./classicasp/ListSpam.asp ./classicasp/GetSetRecordsPerPage.asp ./classicasp/AddNew.asp ./classicasp/cleanup.asp ./classicasp/AssignSuperUser.asp ./classicasp/admin.asp ./classicasp/authenticate.asp ./classicasp/ResetDomainIncludeFirst.asp ./classicasp/logout.asp ./classicasp/black.asp ./classicasp/white.asp ps "helo" from France Edited by Thebras - 26 May 2011 at 11:41am |
|
BIND
|
|
AndrewD
Groupie Joined: 03 May 2008 Location: Australia Status: Offline Points: 71 |
Post Options
Thanks(0)
|
Your English is better than my French ;)
I see what you are sying with regards to the injection above. 1. This injection only applies after you have a valid logon. 2. I have not yet run through all the post logon pages to sanitize against injection as i am yet to see a user who is internal to a company try to hack/corrupt an application. I know this is not a reason to just forget about sanitization, but i will get to it when i can. as for "Goto: php is more easy to have an safety application." i really do not want to get into this argument as it has been had a million times on forums on the internet. The bottom line seems to allways come back to, they are both brilliant products and have their pros and cons. It really comes down to which is going to be easier for your existing platform and knowledge. As my background is VB, and VBScript. ASP was a very small learning curve for me. I am not a developer, i am a network administrator that can also do some development. "Look the file into the directory SpamfilterWeb : " i am unable to understand what you mean by this. please feel free to explain more. I understand that it may not be appropriate to answer some questions or pass some information as part of an open forum here so feel free to email me with any information that you think I need to know. ps. Hello from Australia |
|
Spamfilter web interface. www.tyrexpg.com.au
See http://www.logsat.com/SpamFilter/Forums/forum_posts.asp?TID=6883 |
|
Thebras
Newbie Joined: 19 May 2011 Status: Offline Points: 3 |
Post Options
Thanks(0)
|
Well,
i know all your problems (je comprends tout tes problèmes en tant qu'administrateur réseaux.) but : Your application is download an usable by all,(Votre application est téléchargeable, et utilisable par n'importe qui, et n'importe qui peut lire sont code source.) and if the vulnérabilites are know,(Et si les failles de sécurités sont analysé et découverte) it's possible to an hacker to escalade priviliege and grant. (Il sera possible pour des hacker, de monter en privilèges, et d'obtenir un acces plus important sur le réseaux de la cible.) To have an valid logon, you juste requiere to have an client acces. (Pour avoir un compte valide, il suffit simplement d'être un client de l'entreprise et d'avoir un domaine à configurer sur spamfilter.) Or not:(ou pas) http://www.tyrexpg.com.au/emailrep.asp?l=152&d=%2812%20union%20select%201%20--%29&test=screen this injection, (i not try to exploit it) is accessible with no logon.. ( cette injection sql, est utilisable, ainsi que beaucoup d'autres dans d'autres pages, sans être connecté sur le site.) If the user of your application use classique password of mysql /mssql database it's possible to have an root acces easy on the server host, and after : corrupt all the Local LAN. (Si l'utilisateur de cette application utilise des identifiant classique pour la base mssql or mysql, tel que SA / root, il sera possible d'obtenir un acces root sur le server) but, i like your interface spamfilter :) (mais j'aime bien votre interface) ""Look the file into the directory SpamfilterWeb : " i am unable to understand what you mean by this. please feel free to explain more."" it's the listing file of my version "spamfilter web interface", compagny edtion. (c'est la liste des fichiers de l'inteface web de configuration spam filter, qui n'est pas simplement un exemple, et utilisé par des clients.) cordialement :) |
|
BIND
|
|
Post Reply | |
Tweet
|
Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.133 seconds.