bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/webapps/5780.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

30 lines
No EOL
1,013 B
Text
Raw Permalink Blame History

\ ASPDownload v 1.03 Remote Admin Bypass Exploit /
\ /
\_______________________________________________/
[+] Author : Underz0ne Crew
[+] Script : ASPDownload v 1.03
[+] Risk : High
[+] Script URL : http://www.toddwoolums.com/aspdownload.asp
[+] Dork : Powered by AspDownload
--//--> Exploit Area :
[+] Description : The problem is that the script's owner doesnt request a Login page for the DANGEROUS file setupdownload.asp where we can RESET the admin's
access and change the admin's informations for whatever we want !
[+] How to Exploit :
1) Go to : http://dork.cc/PathToScript/setupdownload.asp
2) Change the Info's
3) Login with the new informations in default.asp page
4) Upload an ASP shell from the upload.asp page
So simple!
[+] Greetz : stack , Bl@ckbe@rD , Djekmani , HouSSamiX
# milw0rm.com [2008-06-10]
Reference in a new issue View git blame Copy permalink