We have already talked about Error Based SQL Injection. If you missed my article on that here is the link: http://www.anonhack.in/2018/04/sql-injection-part-4getting-admin-password/
The question that arises after getting the username and MD5 hash as password is “where do you use those credentials?” The answer to this is simple if there is a user table with password, there must be a web panel or portal to login to! If it’s known content management system, it is easier to find the login panel. So in this article we will be talking about ways through which we can access an admin panel.
Before using that admin panel you need to find the plain text password of the MD5 hash [password] that you got after SQL Injection. Some admin panels work with the hashes too but not always and rarely!
Ways to find admin panel on a Website:
1. Look for Robots.txt file
This is a text file which is used for web crawlers to allow or disallow a particular link of the website to be crawled. Look for robots.txt file. In most of cases, the admin panel link can be found in Robots.txt. Access robots.txt using by www.websitename.com/robots.txt
2. Google Database Hacking
This has been one of my ninja techniques for a long time. You just need to be a little specific about the page you have been looking for plus you have got operators to guess. Thanks to OR ( | )and AND.
You can use the following operators: site, inurl
Example: site:somesite.com inurl:(admin | administrator| portal | login)
3. Admin finder online website
This website will allow you to find admin panel by brute-forcing different words. It’s easier, but doesn’t always give out the result. The website hangs after a lot of load sometime. But it’s a feasible and easy try.
Nikto is a lovely tool. Gives out a lot of information about the target sometimes also provide you with the admin login. 🙂
Burpsuite is the most amazing thing that has happened to hacker. It provides a lot of handy tool in just a single application. I have myself found many admin panels just by normally crawling the website through burpsuite. Though not always but most of the time it does!
Dirb – The Directory Buster
After no other tool works for you, this one always does. Takes a lot of time though but if you are not going anywhere with the above tools, Dirb will get you somewhere.