|=============================================================|
|
|-------------------In The Name Of God------------------------|
|
| Exploit Title : Bazaargan CMS Bypass Login Vulnerability
|
| Exploit Author : Ashiyane Digital Security Team
|
| Google Dork : intext:"طراحی و برنامه نویسی سیستم | Bazaargan.ir"
| intext:"طراحی و برنامه نویسی توسط گروه طراحی وب سایت بازارگان"
| Tested on : Win 7
|
| Date : 2/17/2017
|
| Vendor HomePage : www.bazaargan.ir
|
|======================================|
|
| Tutorial :
|
| Search The Dork Or Go To Vendor HomePage And Select Your Target
| Then Go To Admin Panel At : /admin/login.php If Exist
| And Open Noredirect Add-Ons And Click On "Add"
| Paste The Target With ^ Character : ^Target
| At Last Change Url To : site/admin/index.php
| Upload Your Shell And Enjoy !
|
|=============================================================|
| Discovered By : ZeroDay , Special Tnx 2 : Ehsan Cod3r <3
|=============================================================|