Disputed / BOGUS

Iran Tarh Bypass Authentication Vulnerability

Published / (Updated)
Credit
Risk
2016-05-16 / 2016-05-17
Iran Cyber Security Group
Medium
CWE
CVE
Local
Remote
N/A
N/A
No
Yes
Dork: intext:طراحی و پیاده سازی : شرکت ایران طراح

!!! DUPLICATED so BOGUS !!!

https://cxsecurity.com/issue/WLB-2016030064

--------------------------------------------

Exploit Title : Iran Tarh Bypass Authentication Vulnerability
Credit : Iran Cyber Security Group
Discovered By : 0x3a
Version : 3.4
Date : 14 April , 2016
Vendor HomePage :www.irantarah.com
Tested On : Win98
Dork : intext:طراحی و پیاده سازی : شرکت ایران طراح (For findig target you can going to vendor home page and select your target)
/============================================================
1) Tutorial :
First You must install noredirect add-ons then going to login page and bypass it
Login Page :
/admin/login.php
open noredirect and click on ADD button then type " ^ " And your login page
e.x :
^http://www.target.com/admin/login.php
Then you can change your url to /admin/index.php
e.x :
http://www.target.com/admin/index.php

And You Can Upload Shell

[+][+][+][+][+][+][+]
WWW.IRAN-CYBER.NET[+]
[+][+][+][+][+][+][+]
My Team : MOHAMAD-NOFOZI , root3r , sir.h4m1d , m0hamad.black , whitewolf , mr.s4jj4d , mr.turk , 0day , pi.hack , l3gi0n , nazanin_wild , 0xdevil
GOOD LUCK
</0x3a>

References:

https://cxsecurity.com/issue/WLB-2016030064


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com