ASP Download 1.03 Arbitrary Change Administrator Account Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : ASP Download 1.03 Arbitrary Change Administrator Account Vulnerability
# Published : 2008-06-10
# Author : Zigma
# Previous Title : Syndeo CMS 2.6.0 (LFI/XSS) Multiple Remote Vulnerabilities
# Next Title : Todd Woolums ASP News Management 2.2 SQL Injection Vulnerabiltiy

  ASPDownload v 1.03 Remote Admin Bypass Exploit   /
                                                                                      /
                                      _______________________________________________/



[+] Author      : Underz0ne Crew
[+] Script      : ASPDownload v 1.03
[+] Risk        : High
[+] Script URL  : http://www.toddwoolums.com/aspdownload.asp
[+] Dork        : Powered by AspDownload

--//--> Exploit Area :

[+] Description : The problem is that the script's owner doesnt request a Login page for the DANGEROUS file setupdownload.asp where we can RESET the admin's 
access and change the admin's informations for whatever we want !

[+] How to Exploit :

1) Go to : http://dork.cc/PathToScript/setupdownload.asp
2) Change the Info's
3) Login with the new informations in default.asp page
4) Upload an ASP shell from the upload.asp page

So simple!


[+] Greetz : stack , Bl@ckbe@rD , Djekmani , HouSSamiX  

# www.Syue.com [2008-06-10]