Recently, many friends have expressed that they are still not sure how the d-injection tool detects asp website injection vulnerabilities. Then the editor will share with you how the d-injection tool detects asp website injection vulnerabilities. Friends who are not sure yet come here quickly. Take a look.
First, open the ahd injection tool.
Click the "Scan Injection Point" function on the left side of the software, enter the website address that needs to be detected in the address bar, and click the detection button behind the address bar.
The injection point detected on the current page will be displayed at the bottom of the software. If there is no injection point on the homepage, you can change to other pages. You can click on the webpage to enter other pages, and click to enter each column of the website to see if there are injection points on each page. If there are no injection points on all pages and links you click, it is possible that your website does not have common injection vulnerabilities.
If the test finds an injection point, you can first select an injection point, right-click and select "Injection Detection" to check whether injection is available.
Enter the injection detection page, click the "Detection" button directly, wait for the lower left corner to display that the detection is complete, and then click "Detection Table Segment".
The account and password related table segments have been detected here. Generally, sensitive characters for administrator accounts such as "admin" or "administrator" or user are preferred. After the test is completed, check the password field and select the test content. You can detect the administrator’s login account and password!
The above is the method shared by the editor to use the ahd injection tool to detect injection vulnerabilities in asp websites. I hope it can help everyone.
