PDA

View Full Version : N33d h3lp in finding 4dmin p4g3



4bh15h3k
03-21-2011, 10:34 PM
hey guys.........does anyone knows how to find the admin page as well as control panel of a website.......i am trying by using the dork intext:login but that doesnt work in most of the cases........please guys suggest me on this topic.......

fb1h2s
03-22-2011, 05:17 PM
Hope your intentions are good and your are gone use your knowledge wisely , do stay out of truble, any way here is something for u to read.

http://www.garage4hackers.com/showthread.php?381-Finding-Admin-Panel-or-upload-web-shell-in-Website-Another-Method-or-chance....&highlight=finding+admin+panel....

b0nd
03-23-2011, 05:47 AM
.i am trying by using the dork intext:login but that doesnt work in most of the cases........please guys suggest me on this topic.......

Shouldn't that be inurl or intitle instead of intext? More over that would depend on the search database of search engines. So in many cases the last resort is brute forcing using appropriated tools.

4bh15h3k
03-23-2011, 07:48 PM
Thank you fb1h2s for your post but i have tried all that before also and that all works for website which are not yet famous but they didnt work in case such as facebook, yahoo or gmail...........
thank you

4bh15h3k
03-23-2011, 07:58 PM
thank you b0nd but even that dorks aren't as effective as intext........if you have any other suggestions than you are most welocome

b0nd
03-24-2011, 06:51 AM
Thank you fb1h2s for your post but i have tried all that before also and that all works for website which are not yet famous but they didnt work in case such as facebook, yahoo or gmail...........
thank you

Ohh facebook, yahoo, gmail ... don't you think they are too big to be vulnerable to such trivial attacks? Do not expect them to keep the admin login page like /login/admin etc.
Furthermore, sometimes the web root path is visible in the error messages thrown by servers. But only in case if the errors are not thrown in controlled way and hence shouldn't be easy to get from famous websites. That helps sometimes.

4bh15h3k
03-24-2011, 10:31 AM
can u suggest me another method to keep shell on facebook,yahoo and gmail.........can we keep shell by lfi and rfi method

b0nd
03-24-2011, 11:22 AM
can u suggest me another method to keep shell on facebook,yahoo and gmail.........can we keep shell by lfi and rfi method

1st and last warning to you Abhishek!
And in addition to it you also need to take care that we understand "english" better than "l337" language, so mind the way you have written the title of your query.

Thread closed. Such questions wouldn't be entertained.