Be sure to watch the intro
The video link is below, my friends:
Greetings my friends, today we will talk about a security vulnerability, I have not come across anyone in the world who explains this security vulnerability properly.
They put this security vulnerability into practice by simply saying that it was a manipulation in the plot :S
My friends, I always show examples from Turkish sites and I will continue to do so.
First of all, my friends, I would like to start my speech by telling who uses this security vulnerability.
The majority of the Turkish Virtual community states that they are doing 'so-called' actions thanks to this security gap, and attracts the attention of those who do not understand anything about these things.
They pull.
This lies in the logic of security vulnerability, my friends.
Think of a panel, I am creating a website, my friends.
Website: www.lamer.com.
This site needs to have an administration panel. Let's say 'Admin', if we're done this far, I'll move on to our main event.
Website: www.lamer.com/admin/login.php
I wrote 'admin' at the end of our site and a URL like the one above appeared on the left, my friends.
The logic of the 'NoRedirect' plugin lies in this. You may ask, 'What is 'Redirect'? This is redirection, brother.
My friends, the main thing that the plugin means by redirection is this. What is the 'index.php' address? We can call it 'Home Page'.
We are the website's:
Website: www.lamer.com/admin/login.php
If we change the part as follows.
Website: www.lamer.com/admin/index.php
It will automatically become like this again.
Website: www.lamer.com/admin/login.php
Here we changed it to index.php and the site automatically came to the login.php screen, so it seems like there was a redirect here, right?
If you don't understand, it would be better if I summarize it like this, my friends.
Think of a website, the panel of this website is in your hands, so you can enter it.
Website: www.site.com.tr/admin/
My friends, the screen before entering the website will be as above on the left, and the screen after entering the website panel will be exactly like this.
Website: www.site.com.tr/admin/anasayfa.php
The thing about this security vulnerability is that when the administrator enters the panel, he guesses the names of the categories in the panel.
Friends, for example, we have a website like the one below.
Website: www.hedefsite.org.tr/admin/
I'm using logic my friends, most likely the redirection of this could be 'homepage.php' and /admin/ I'm adding homepage.php here
Then it directs me to /admin/index.php. So, our guess was correct and we were forced to log in because we didn't know the password.
index.php, that is, redirected to the home page screen
My friends, if you do not understand much, I will ask you how this security vulnerability can be detected in the users of the 'Mirror' site called 'Ownzyou.com'.
Let me show you that I will throw the index above. This way, you will understand its logic very well. I wish you well-being.. :3
My friends, in the video content, I showed you how to enter the panel of the website, but beginner friends, how to enter the panel?
I will leave a list below, I will leave a list below, generally these are the categories.
homepage.php
login.php
login.php
These can be multiplied, but the most important issue, my friends, is that you may encounter a panel like this.
www.hedefsite.com.tr/admin/login.php
www.hedefsite.com.tr/admin/anasayfa.php
www.hedefsite.com.tr/admin/giris.php
We can give many examples of these, all you have to do is delete what comes after admin and add index.php, this will be a redirection my friends.
Afterwards, you can directly insert it into the 'Noredirect' plugin, I showed it in detail in the video.
To get all the permissions, my friends, we just paste it as a panel.
My friends, you can install the 'Noredirect' plugin from here, there is not only 'noredirect' but also more than one plugin.
The video link is below, my friends:
Greetings my friends, today we will talk about a security vulnerability, I have not come across anyone in the world who explains this security vulnerability properly.
They put this security vulnerability into practice by simply saying that it was a manipulation in the plot :S
My friends, I always show examples from Turkish sites and I will continue to do so.
First of all, my friends, I would like to start my speech by telling who uses this security vulnerability.
The majority of the Turkish Virtual community states that they are doing 'so-called' actions thanks to this security gap, and attracts the attention of those who do not understand anything about these things.
They pull.
This lies in the logic of security vulnerability, my friends.
Think of a panel, I am creating a website, my friends.
Website: www.lamer.com.
This site needs to have an administration panel. Let's say 'Admin', if we're done this far, I'll move on to our main event.
Website: www.lamer.com/admin/login.php
I wrote 'admin' at the end of our site and a URL like the one above appeared on the left, my friends.
The logic of the 'NoRedirect' plugin lies in this. You may ask, 'What is 'Redirect'? This is redirection, brother.
My friends, the main thing that the plugin means by redirection is this. What is the 'index.php' address? We can call it 'Home Page'.
We are the website's:
Website: www.lamer.com/admin/login.php
If we change the part as follows.
Website: www.lamer.com/admin/index.php
It will automatically become like this again.
Website: www.lamer.com/admin/login.php
Here we changed it to index.php and the site automatically came to the login.php screen, so it seems like there was a redirect here, right?
If you don't understand, it would be better if I summarize it like this, my friends.
Think of a website, the panel of this website is in your hands, so you can enter it.
Website: www.site.com.tr/admin/
My friends, the screen before entering the website will be as above on the left, and the screen after entering the website panel will be exactly like this.
Website: www.site.com.tr/admin/anasayfa.php
The thing about this security vulnerability is that when the administrator enters the panel, he guesses the names of the categories in the panel.
Friends, for example, we have a website like the one below.
Website: www.hedefsite.org.tr/admin/
I'm using logic my friends, most likely the redirection of this could be 'homepage.php' and /admin/ I'm adding homepage.php here
Then it directs me to /admin/index.php. So, our guess was correct and we were forced to log in because we didn't know the password.
index.php, that is, redirected to the home page screen
My friends, if you do not understand much, I will ask you how this security vulnerability can be detected in the users of the 'Mirror' site called 'Ownzyou.com'.
Let me show you that I will throw the index above. This way, you will understand its logic very well. I wish you well-being.. :3
My friends, in the video content, I showed you how to enter the panel of the website, but beginner friends, how to enter the panel?
I will leave a list below, I will leave a list below, generally these are the categories.
homepage.php
login.php
login.php
These can be multiplied, but the most important issue, my friends, is that you may encounter a panel like this.
www.hedefsite.com.tr/admin/login.php
www.hedefsite.com.tr/admin/anasayfa.php
www.hedefsite.com.tr/admin/giris.php
We can give many examples of these, all you have to do is delete what comes after admin and add index.php, this will be a redirection my friends.
Afterwards, you can directly insert it into the 'Noredirect' plugin, I showed it in detail in the video.
To get all the permissions, my friends, we just paste it as a panel.
My friends, you can install the 'Noredirect' plugin from here, there is not only 'noredirect' but also more than one plugin.
