This is a writeup describing an SQL injection authentication bypass vulnerability in an ASP-based application developed by Bispage.com. It provides steps to exploit the vulnerability to upload ASP shells.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:Bispage.com developed application (version unspecified)
No auth needed
Prerequisites:Access to the admin login page of the target application