Sup,
Today Exploit-db published my new paper:

“Authentication Bypass - SQL Injection and magic_quotes“.

Table of contents:

1. Introduction
2. What is Auth Bypass
3. How to exploit it
4. Bypass magic_quotes
5. How to fix it
6. Shouts

You can read it here:
http://www.exploit-db.com/download_pdf/11956

and here:
http://novacaine.me.pn/whitepapers/auth-bypass.pdf

In the following day’s I’m going to make a video tutorial about spawn a shell via LFI (less known method).

Stay tuned, n0va