Secret administrative pages are surprisingly common. Developers assume that because the URL is not linked anywhere it cannot be discovered, so the page must be secure. This is security through obscurity: the page is only as hidden as its name is unguessable, and administrative page names are highly guessable.
Try brute forcing page names in the page parameter with Burp Intruder in Sniper mode (one payload position, the value of page). Include some of the following page names in the payload list:
secret.php, admin.php, _adm.php, _admin.php, root.php,
administrator.php, auth.php, hidden.php,
console.php, conf.php, _private.php, private.php,
access.php, control.php, control-panel.php, phpMyAdmin.php
Sort the Intruder results by status code and response length. A request for a name that does not exist produces a consistent "page not found" response; any payload whose response differs from that baseline is a candidate, and Burp Comparer shows exactly where two responses differ.
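As an added example that is not part of the original page, the same brute force scripted outside Burp: it first requests a nonsense page name to learn what a miss looks like, then reports every candidate whose response differs from that baseline (the same status-plus-length comparison you would do by sorting Intruder results). The target URL passed on the command line, the User-Agent string and the baseline page name are assumptions; the candidate list is the one given above.

```python
"""Brute-force page names in a ?page= parameter and flag responses that
differ from the server's 'no such page' baseline.

Added example: the target URL, User-Agent and baseline name are assumptions.
"""
import hashlib
import sys
import urllib.error
import urllib.parse
import urllib.request

# Candidate names from the page above.
PAGE_NAMES = [
    "secret.php", "admin.php", "_adm.php", "_admin.php", "root.php",
    "administrator.php", "auth.php", "hidden.php", "console.php",
    "conf.php", "_private.php", "private.php", "access.php",
    "control.php", "control-panel.php", "phpMyAdmin.php",
]

# Assumption: a name no real site serves, used to learn what a miss looks like.
BASELINE_NAME = "zz_no_such_page_zz.php"


def build_url(base_url, param, value):
    """Append ?param=value (or &param=value if a query string exists)."""
    sep = "&" if "?" in base_url else "?"
    return f"{base_url}{sep}{urllib.parse.urlencode({param: value})}"


def fingerprint(status, body):
    """Status, body length and body hash: enough to tell 'same page'
    from 'different page' without rendering anything."""
    return (status, len(body), hashlib.sha256(body).hexdigest())


def http_fetch(url, timeout=10):
    """Fetch url and return (status, body). HTTP error codes are results
    too, since a 403 on admin.php is itself a finding."""
    req = urllib.request.Request(url, headers={"User-Agent": "page-bruteforce/0.1"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as err:
        return err.code, err.read()


def brute_force(base_url, param, names, fetch=http_fetch):
    """Return [(name, status, length)] for every candidate whose response
    differs from the baseline 'no such page' response."""
    baseline = fingerprint(*fetch(build_url(base_url, param, BASELINE_NAME)))
    hits = []
    for name in names:
        fp = fingerprint(*fetch(build_url(base_url, param, name)))
        if fp != baseline:
            hits.append((name, fp[0], fp[1]))
    return hits


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: python3 page_bruteforce.py http://target/index.php")
    for hit_name, status, length in brute_force(sys.argv[1], "page", PAGE_NAMES):
        print(f"{status} {length:>7} {hit_name}")
```

Comparing against a baseline rather than against a fixed status code matters because many applications answer a missing page with 200 and an error message in the body; only the length or hash reveals the difference. The fetch function is a parameter so the same logic can be exercised against canned responses before pointing it at a live target.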
Exploiting a hidden page is the same as discovering it: once a valid name is found, request it directly in the page parameter.
The phpinfo function dumps the PHP server configuration to a neatly formatted table, including the PHP version, loaded modules, file system paths and environment variables, all of which are useful for further attacks. phpMyAdmin.php hosts a hidden phpMyAdmin console.
Related videos:
How to Show Secret Page in Security Level 5
Brute Force Page Names using Burp-Suite Intruder
Introduction to Fuzzing Web Applications with Burp-Suite Intruder Tool
Using Burp Intruder Sniper to Fuzz Parameters
Introduction to Burp-Suite Comparer Tool
Gaining Administrative Shell Access via Command Injection
How to Locate the Easter egg File using Command Injection
How to Install dirb on Linux
How to Use dirb to Locate Hidden Directories on a Web Site
How to Install OWASP DirBuster on Linux
How to use OWASP DirBuster to Discover Hidden Directories on Web Sites