Friday, June 7, 2013

Symlink + Bypass AdminPanel Joomla Exploit

 Symlink + Bypass AdminPanel Joomla Exploit

 

Some attackers may determine that a website running on Joomla! site-web.com/administrator

But in some cases, when you type /administrator/ index.php automatically redirects us, then practically the attacker gives up because it thinks that the website is Joomla admin panel but has another name or another direction.

That happens for settings that the administrator has made ​​to your Joomla, Plugin installed AdminExile [/ b] that allows administrators to add an access key to the end of the URL that redirects to erroneous entries page beginning on page 404, or anywhere else without seeing the login panel administrator.

Example:

Code:
- www.site-web.com/administrator/            <------------ redirects at index.php
- www.site-web.com/administrator/?key        <------------ Admin panel


Once you have clicked on the second link, AdminExile password will be active until the session expires (or until the browser is closed).

For this case, I made a video demonstrating where achievement easily get the key (key) to enter the administrative site without problems.
Video Tutorial

0 komentar:

Post a Comment

./Silahkan Berkomentar yang sopan gan :)
Blog ini Dofollow artinya setiap anda koment otomatis mendapatkan Backilink
Gratis dari blog ini gan

◄ Posting Baru Posting Lama ►
 

Copyright © 2013. Tutorial Update - All Rights Reserved