Wednesday, May 18, 2016

DiyWeb Admin Bypass and Remote file/shell Upload

Hi Guys, hope you are well. so we are back on our Old topic after a long time ! enjoy new and plse share your views and share our Links on Facebook,twitter etc. Thanks !
so Now turn to work. our new is DiyWeb admin bypass, in this vulnerability we can upload our shell, deface pages, and files by bypassing admin login panel.
title : DiyWeb Admin Bypass and & file Upload
Discovered By : NoentryPhc
Sever :
Type : web appliion
Shell extention : .asp

admin+bypass+safe+monde+bypass++server+asp+shell.jpg (400×300)
Dork : "Power by DiyWeb"
Poc : diyweb/menu/admin/_manager.asp
This 's almost all vulnerable websites are Malaysiyan.
To upload your files Goto :
and upload your shell/deface there !
if .p extention is not allowed then your can try tamper data and live http hders
to acess your file goto : and sometimes you have to find your manually on websites
Live Demo :
find more using Google dork :) Thanks for rding. plse share post on facebook and other social networks

No comments:

Post a Comment