Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ECHO_ADV_21$2005] MUltiple Vulnarable In ActiveBuyAndSell

from [the_day@echo.or.id] Network Security [Permanent Link]
Subject: [ECHO_ADV_21$2005] MUltiple Vulnarable In ActiveBuyAndSell
Date: 24 Jun 2005 11:40:32 -0000 
---------------------------------------------------------------------------
[ECHO_ADV_21$2005] MUltiple Vulnarable In ActiveBuyAndSell
---------------------------------------------------------------------------

Author: Dedi Dwianto
Date: June, 24th 2005
Location: Indonesia, Jakarta
Web: http://echo.or.id/adv/adv21-theday-2005.txt

---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : ActiveBuyAndSell
version : 6.2
URL  : http://ActiveWebSoftwares.com
Author : ActiveWebSoftwares
Description :

ActiveBuyAndSell is a Web-based application that connects people selling 
products 
and services with people looking to buy products and services. Uses MS SQL or 
Access database. Full ASp source code included.
        
---------------------------------------------------------------------------

Vulnerabilities:
~~~~~~~~~~~~~~~~

A. SQL Injection:
   
   * http://victim/ebuyandsell/default.asp?catid=[SQL inject]

   * http://victim/ebuyandsell/buyersend.asp?catid=[SQL inject]

   * http://victim/ebuyandsell/admin.asp
     In this pages vulnarable sql injection in form input
        
        POC : 
                Administrator ID :[SQL Inject]
                Password         :blank

        
   * http://victim/ebuyandsell/advertiserstart.asp

        POC :
                E-mail Address  :[SQL inject]
                Password        :blank

   * http://victim/ebuyandsell/buyer.asp

        POC :
                E-mail          :[SQL inject]
                Password        :blank

   * http://victim/ebuyandsell/search.asp

        POC :
                Keyword         :[SQL inject]


B. Xss
  
   * 
http://victim/ebuyandsell/sendpassword.asp?Table=Buyer&Title=[XSS]&EmailFld=BEmail

        POC :

        
http://victim/ebuyandsell/sendpassword.asp?Table=Buyer&Title=<script>alert('test')</script>&EmailFld=BEmail

  * http://victim/ebuyandsell/search.asp

        POC :
                Keyword         : <script>alert('dudul')</script>

   
C. Fix

   Vendor allready contacted but still no response and i can't fix it because
   i can't view source code :lol

---------------------------------------------------------------------------

Shoutz:
~~~~~~~

~ y3dips, moby, comex, z3r0byt3, K-159, c-a-s-e, S`to, lirva32, anonymous
~ Lieur Euy , MSR
~ newbie_hacker@yahoogroups.com ,
~ #e-c-h-o@DALNET

---------------------------------------------------------------------------
Contact:
~~~~~~~~

     the_day || echo|staff || the_day[at]echo[dot]or[dot]id
     Homepage: http://theday.echo.or.id/

-------------------------------- [ EOF ] ----------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ECHO_ADV_21$2005] MUltiple Vulnarable In ActiveBuyAndSell, the_day@echo.or.id <=
Previous by Date:  Re: Firefox Crash??, Peter Bartosch
Next by Date:  SUSE Security Announcement: sudo (SUSE-SA:2005:036), Thomas Biege
Previous by Thread:  Re: Firefox Crash??, Peter Bartosch
Next by Thread:  SUSE Security Announcement: sudo (SUSE-SA:2005:036), Thomas Biege
Indexes:  [Date] [Thread] [Top] [All Lists]