!!! DUPLICATED so BOGUS !!! https://cxsecurity.com/issue/WLB-2016030064 -------------------------------------------- Exploit Title : Iran Tarh Bypass Authentication Vulnerability Credit : Iran Cyber Security Group Discovered By : 0x3a Version : 3.4 Date : 14 April , 2016 Vendor HomePage :www.irantarah.com Tested On : Win98 Dork : intext:طراحی و پیاده سازی : شرکت ایران طراح (For findig target you can going to vendor home page and select your target) /============================================================ 1) Tutorial : First You must install noredirect add-ons then going to login page and bypass it Login Page : /admin/login.php open noredirect and click on ADD button then type " ^ " And your login page e.x : ^http://www.target.com/admin/login.php Then you can change your url to /admin/index.php e.x : http://www.target.com/admin/index.php And You Can Upload Shell [+][+][+][+][+][+][+] WWW.IRAN-CYBER.NET[+] [+][+][+][+][+][+][+] My Team : MOHAMAD-NOFOZI , root3r , sir.h4m1d , m0hamad.black , whitewolf , mr.s4jj4d , mr.turk , 0day , pi.hack , l3gi0n , nazanin_wild , 0xdevil GOOD LUCK </0x3a>