Some ways to find company admin panels
- Using Google Dorks:
site:target.com inurl:admin | administrator | adm | login | l0gin | wp-login
intitle:"login" "admin" site:target.com
intitle:"index of /admin" site:target.com
inurl:admin intitle:admin intext:admin
- Using httpx and a wordlist:
httpx -l hosts.txt -paths /root/admin-login.txt -threads 100 -random-agent -x GET,POST -tech-detect -status-code -follow-redirects -title -content-length
httpx -l hosts.txt -ports 80,443,8009,8080,8081,8090,8180,8443 -paths /root/admin-login.txt -threads 100 -random-agent -x GET,POST -tech-detect -status-code -follow-redirects -title -content-length
- Using utilities:
https://github dot com/the-c0d3r/admin-finder
https://github dot com/RedVirus0/Admin-Finder
https://github dot com/mIcHyAmRaNe/okadminfinder3
https://github dot com/penucuriCode/findlogin
https://github dot com/fnk0c/cangibrina
- Using search engines:
Shodan:
ssl.cert.subject.cn:"company.com" http.title:"admin"
ssl:"company.com" http.title:"admin"
ssl.cert.subject.cn:"company.com" admin
ssl:"company.com" admin
Fofa:
cert="company.com" && title="admin"
cert.subject="company" && title="admin"
cert="company.com" && body="admin"
cert.subject="company" && body="admin"
ZoomEye:
ssl:company.com +title:"admin"
ssl:company.com +admin
Censys (IPv4):
(services.tls.certificates.leaf_data.issuer.common_name: company.com) AND services.http.response.html_title: admin
(services.tls.certificates.leaf_data.issuer.common_name: company.com) AND services.http.response.body: admin
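
From the defending side, the httpx wordlist sweep listed above (many admin-style paths, GET and POST, a rotating User-Agent) leaves a recognizable trace in web access logs. The following is an added example, not part of the original post: the log lines are constructed, the function name and thresholds are assumptions, and the path terms are taken from the dork list on this page.

```python
import re
from collections import defaultdict

# Constructed sample lines in combined log format (documentation IPs, not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "GET /admin HTTP/1.1" 404 153 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0"
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "POST /admin HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/116.0"
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "GET /administrator HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Macintosh) Safari/605.1"
203.0.113.7 - - [10/Oct/2023:13:55:02 +0000] "GET /adm HTTP/1.1" 404 153 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0"
203.0.113.7 - - [10/Oct/2023:13:55:02 +0000] "GET /login HTTP/1.1" 200 2210 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/116.0"
203.0.113.7 - - [10/Oct/2023:13:55:02 +0000] "GET /wp-login.php HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Macintosh) Safari/605.1"
198.51.100.20 - - [10/Oct/2023:13:56:10 +0000] "GET /login HTTP/1.1" 200 2210 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/116.0"
198.51.100.20 - - [10/Oct/2023:13:56:25 +0000] "POST /login HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/116.0"
192.0.2.44 - - [10/Oct/2023:13:57:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"')
# Admin-style path terms from the dork list on this page.
ADMIN_RE = re.compile(r'/(admin|administrator|adm|login|l0gin|wp-login)', re.I)

def find_panel_scanners(log_text, min_paths=4, min_agents=3):
    """Flag clients probing many distinct admin paths under several User-Agents."""
    seen = defaultdict(lambda: {"paths": set(), "agents": set(), "answered": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not ADMIN_RE.search(m["path"]):
            continue
        path = m["path"].split("?")[0].lower()
        rec = seen[m["ip"]]
        rec["paths"].add(path)
        rec["agents"].add(m["ua"])
        if m["status"] != "404":
            # The panel exists and answered the probe: review its exposure.
            rec["answered"].add(path)
    return {ip: dict(rec) for ip, rec in seen.items()
            if len(rec["paths"]) >= min_paths and len(rec["agents"]) >= min_agents}

if __name__ == "__main__":
    for ip, rec in find_panel_scanners(SAMPLE_LOG).items():
        print(ip, "probed", len(rec["paths"]), "admin paths; answered:", sorted(rec["answered"]))
```

The `answered` set is the actionable part: each path in it is a login surface reachable from the internet that is a candidate for an IP allowlist, VPN-only access, or MFA.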
Top comments (2)
These methods and tools are commonly employed in sales data enrichment, cybersecurity and web development contexts to assess and improve the security posture of web applications and systems.
However, it's essential to emphasize the importance of using such techniques ethically and responsibly. Unauthorized access to systems, including attempting to access admin panels without proper authorization, can be illegal and unethical. It's crucial to conduct security testing only with explicit permission from the owner of the system being tested, preferably as part of a formal security assessment or penetration testing engagement.
Please sir, I am interested and like to learn this, but this is not clear to me. I don't understand this.