Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- Hacker Problem
September 25, 2006, 11:10 am
rate this thread
I have a website hosted on MS IIS.
It has a news section fed by a database to allow the owners of the site the
ability to update the news pages themslves.
Last week a message was added by an Iranian hacker (see the end of this
What I don't understand is how they were able to do this.
The code checks for the existance of a session variable before alowing the
page to be displayed, so how could they create this variable?
Also, (from the log file,) they jumped right into the update page, not the
form where the message is created!
Any opinion would be greafully received, especially if a solution can be
H4cked By Mafia Hacking Team Black Hat - 16 September 2006 at 14:39
Iranian Hackers Are The Best---Darkl0rD Was Here---Fuck Pop---Only For
- Sebastian Gottschalk
September 25, 2006, 12:13 pm
Re: Hacker Problem
each page of the admin section has this entry:
If Session("blnIsUserGood") = False or IsNull(Session("blnIsUserGood")) =
and the log page at the time of the unauthorised addition was:
#Date: 2006-09-16 13:37:08
#Fields: date time s-sitename s-ip cs-method cs-uri-stem cs-uri-query s-port
cs-username c-ip cs-version cs(User-Agent) cs(Cookie) cs(Referer) sc-status
sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2006-09-16 13:37:08 W3SVC1109230333 xxx POST /news/check_user.asp - 80 -
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1) - - 302 0 0 414 589
2006-09-16 13:37:10 W3SVC1109230333 xxx GET /news/admin_menu.asp - 80 -
ASPSESSIONIDQADSBBAR=JNJABJLBDOIBGEHAHDODEOOF - 200 0 0 1941 455 359
What I don't understand is how check_user.asp can be the entry page for this