Secret Administrative Pages

Overview

Secret administrative pages are surprisingly common. Developers assume that because the URL cannot be guessed, the pages are secure.

Discovery Methodology

Try brute forcing the page names in the page parameter with Burp Intruder in sniper mode. Include some of the following page names in the brute-force list:

secret.php, admin.php, _adm.php, _admin.php, root.php, administrator.php, auth.php, hidden.php, console.php, conf.php, _private.php, private.php, access.php, control.php, control-panel.php, phpMyAdmin.php

Exploitation

Same as discovery.

Example

The phpinfo() function dumps the PHP server configuration into a neatly formatted table. phpMyAdmin.php hosts a hidden phpMyAdmin console.

Video Tutorials

How to Show Secret Page in Security Level 5
Brute Force Page Names using Burp-Suite Intruder
Introduction to Fuzzing Web Applications with Burp-Suite Intruder Tool
Using Burp Intruder Sniper to Fuzz Parameters
Introduction to Burp-Suite Comparer Tool
Gaining Administrative Shell Access via Command Injection
How to Locate the Easter egg File using Command Injection
How to Install dirb on Linux
How to Use dirb to Locate Hidden Directories on a Web Site
How to Install OWASP DirBuster on Linux
How to use OWASP DirBuster to Discover Hidden Directories on Web Sites
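As an added example (not part of the original page), a defender-side check for the brute-force enumeration described under Discovery Methodology: it scans web access logs for the page names listed above, whether requested directly or through the page parameter, flags clients that try many distinct names, and reports any name that actually answered with HTTP 200. The log lines are constructed, and the five-attempt threshold is an assumption.

```python
"""Flag clients enumerating well-known admin page names in web access logs."""
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Names from the page's brute-force list (lower-cased so matching is case-insensitive).
ADMIN_PAGES = {n.lower() for n in (
    "secret.php", "admin.php", "_adm.php", "_admin.php", "root.php",
    "administrator.php", "auth.php", "hidden.php", "console.php", "conf.php",
    "_private.php", "private.php", "access.php", "control.php",
    "control-panel.php", "phpMyAdmin.php")}

# Common/combined log format: client address, request line, status code.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')

def requested_page(target):
    """Page name requested either as the path itself or via a ?page= parameter."""
    parts = urlsplit(target)
    via_param = parse_qs(parts.query).get("page")
    name = via_param[0] if via_param else parts.path
    return name.rsplit("/", 1)[-1].lower()

def analyse(lines, threshold=5):
    """Clients trying >= threshold distinct admin names, plus admin names that answered 200."""
    tried = defaultdict(set)   # client -> distinct admin names requested
    exposed = set()            # admin names that exist (HTTP 200), whoever asked
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, target, status = m.group(1), m.group(2), int(m.group(3))
        page = requested_page(target)
        if page not in ADMIN_PAGES:
            continue
        tried[client].add(page)
        if status == 200:
            exposed.add(page)
    enumerating = {c: len(p) for c, p in tried.items() if len(p) >= threshold}
    return {"enumerating": enumerating, "exposed": sorted(exposed)}

# Constructed sample log lines (not from a real server): one client sweeps the list
# and finds phpMyAdmin.php; another makes a single miss and stays below threshold.
SAMPLE_LOG = [
    '10.0.0.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?page=%s HTTP/1.1" %d 512'
    % (p, s) for p, s in [("secret.php", 404), ("admin.php", 404), ("_adm.php", 404),
                          ("root.php", 404), ("hidden.php", 404), ("phpMyAdmin.php", 200)]
] + [
    '10.0.0.9 - - [10/Oct/2023:13:56:01 +0000] "GET /index.php?page=home.php HTTP/1.1" 200 2048',
    '10.0.0.9 - - [10/Oct/2023:13:56:09 +0000] "GET /admin.php HTTP/1.1" 404 512',
]

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```

An "exposed" entry is worth acting on even without an enumerating client, since it means the hidden page is reachable without authentication.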