Void
03-08-2015, 02:07 PM
i want to share a method for bypassing admin panel logins with this firefox addon
install the addon from this link :
https://addons.mozilla.org/en-us/firefox/addon/noredirect/
NOTE:
this doesnt work on all targets it depends on coding of the target if its something like this it will work :
<?php
if (login_check($username, $password) == true)
{
//user & pass are correct
setcookie("admin","SOME VALUE...");
}
else
{
//user & pass are Not Correct
header("location: login.php");
// in here admin should use
//die();
//if die() isnt here its vulnerable
}
?>
https://www.youtube.com/watch?v=ybAUOViZ3pQ
install the addon from this link :
https://addons.mozilla.org/en-us/firefox/addon/noredirect/
NOTE:
this doesnt work on all targets it depends on coding of the target if its something like this it will work :
<?php
if (login_check($username, $password) == true)
{
//user & pass are correct
setcookie("admin","SOME VALUE...");
}
else
{
//user & pass are Not Correct
header("location: login.php");
// in here admin should use
//die();
//if die() isnt here its vulnerable
}
?>
https://www.youtube.com/watch?v=ybAUOViZ3pQ