Best Ways to find the Admin Panel
I see many peoples having problem while hacking a Website Smile They say that the Get the Data but they are unable to find the admin panel Smile So today i will be sharing all the Tricks that are basically done for finding Admin panel Of a Web Site SmileMethod 1:Adding URL
This is the first and easiest method to find admin login page. You can add some words
after the URL.Like
http://www.site.com/admin
http://www.site.com/administrator
http://www.site.com/login
http://www.site.com/wp-login.php
http://www.site.com/admin.php[/color]
Method 2:[color=#FF0000]Using Various Script
You can use various scripts like various admin finder to get the admin page.
Here I am
showing you an useful scripts which will help you to get the admin page.(I will release my own admin finder script soon and upadte here)
To run this script you first need to install Active Perl.get it from
http://www.activestate.com/activeperl/downloads
Now copy the code of http://pastebin.com/WWZszURW and save it as anything.pl and
run the script to get the login page of the desired site.(Remember its a python Script).
Method 3:Crawling software
You can use various crawling tool to crawl the website and get the login page. These
website crawl all the pages of the website and show the list of all pages and directories.
Method 4:Crawling
By default various search engines crawl the entire site and by using robots.txt the site
owner actually gives the list of links that are not to be crawled by the engine.
Now most
of the time the admin ask the engine not to crawl the admin page so if you view the
robots.txt you can get the link to the login page.
http://www.site.com/robots.txt[/color]
Method 5:[color=#FF4500]Google Dorks
Google dorks are some time very useful if you know to use it properly.so here are some example of useful Google dorks that will definitely help you in finding admin login panle of a website.
Site:site.com “admin”
Site:site.com inurl:login
site:site.com intitle:"admin login"
Method 6:Using Online Admin Finder/Scanner
There are many such online admin finder available but i am giving you the link for one of my favorite one This
site http://sc0rpion.ir/af/ will help you in finding admin login page online.
Method 7:Havij Tool
At last you can use the all time popular Havij to find admin page.Click on the HAvij Link to know more i have already written a nice post on it.
COUNTERMEASURES BY ADMIN
From this post it becomes very clear that if You (site owners) have not changed the
default URL of your site’s login page then it can easily be compromised if an attacked
gets the User name and password or even he can brute it.So it is advised that you
should change the default URL of yours login page to something uncommon which is
hard to guess like for example:
http://www.site.com/glass.php
http://www.site.com/myway.php
0 comments:
Post a Comment