How I Hacked an Admin Panel in Just 2 Minutes
Introduction:
Hello everyone, my name is Ranjan Yadav, and I’m currently in my third year of BCA. I started my journey in cybersecurity over a year ago, and I’ve been passionate about it ever since. Bug bounty hunting and researching targets have become my favorite activities, and today, I’m excited to share how I hacked an admin panel in just 2 minutes!

The Vulnerability:
This is one of the easiest vulnerabilities to exploit, even if you’re not very familiar with hacking. Don’t worry — you can find it too! The vulnerability I came across was Weak/Default Credentials.
Description: The system was using default credentials, which are often publicly documented or extremely easy to guess (like “admin/admin” or “password123”).
Risk: Attackers can easily gain unauthorized access by guessing or knowing these credentials, leading to data breaches, system compromises, and potentially unauthorized actions that could harm the entire system.
How I Found the Admin Panel
Subdomain Enumeration:
Before diving into the admin panel, I needed to find all possible subdomains associated with the target. Subdomain enumeration is a critical first step in identifying hidden services, and I used Subfinder for this task.
Using Subfinder:
I ran the following command to find all subdomains for the target domain, in this case, radicate.com, and saved the output to a file called subdomain.txt:
subfinder -d radicate.com -all -recursive -o subdomain.txt
Filtering for Admin Panels:
To narrow down my search for admin panels, I filtered the results for subdomains containing the word “admin”:
cat subdomain.txt | grep "admin"
Alternatively, you can combine both steps in one command, without saving to a file:
subfinder -d radicate.com -all -recursive | grep "admin"
This method quickly revealed several admin-related subdomains, and that’s when the real fun began!

Taking Screenshots with Aquatone:
To visualize and quickly inspect all the subdomains, I used Aquatone to generate screenshots of the subdomains:
cat subdomain.txt | aquatone
This process helped me quickly identify several admin-related subdomains and provided screenshots of the login pages, which made the next steps much easier!
Accessing the Login Pages:
After identifying the admin-related subdomains and taking screenshots using Aquatone, the next step was to visit those login pages and check for weak credentials. This is where things got interesting.
Testing for Default Credentials:
Admin panels often have weak or default credentials, which can easily be guessed. I started by testing some of the most common weak passwords:
admin/admin
admin/password123
admin/123456
Guest/Guest
test/test
Success!
When I used admin/admin on one of the login pages... BOOM—I got immediate access! This simple, common combination allowed me to bypass the login page and enter the system.
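A defender-side check for the weakness described above, as an added example that is not part of the original post: it refuses the default pairs listed above when a password is set, and audits an existing user store for accounts that still use them. The PBKDF2 store layout, the iteration count, the 12-character minimum and the sample accounts are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Default pairs taken from the list tested in the post above.
DEFAULT_PAIRS = [("admin", "admin"), ("admin", "password123"), ("admin", "123456"),
                 ("Guest", "Guest"), ("test", "test")]
DEFAULT_PASSWORDS = {p.lower() for _, p in DEFAULT_PAIRS}
ITERATIONS = 100_000  # assumed PBKDF2 work factor for this hypothetical store
MIN_LENGTH = 12       # assumed minimum length policy


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def rejection_reasons(username, password):
    """Return why a new password must be refused (empty list = acceptable)."""
    reasons = []
    if password.lower() == username.lower():
        reasons.append("password equals username")
    if password.lower() in DEFAULT_PASSWORDS:
        reasons.append("password is a known default")
    if len(password) < MIN_LENGTH:
        reasons.append("shorter than %d characters" % MIN_LENGTH)
    return reasons


def accounts_with_default_password(store):
    """Audit your own store: flag accounts whose stored hash matches a default."""
    flagged = []
    for user, (salt, digest) in store.items():
        candidates = {user} | {p for _, p in DEFAULT_PAIRS}
        if any(hmac.compare_digest(hash_password(c, salt), digest) for c in candidates):
            flagged.append(user)
    return sorted(flagged)


def make_record(password):
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


# Constructed sample store (hypothetical accounts, not from the post).
SAMPLE_STORE = {
    "admin": make_record("admin"),
    "ops": make_record("correct-horse-battery-staple"),
    "Guest": make_record("Guest"),
}
```

Calling rejection_reasons() from the password-set handler and forcing a change for every account returned by accounts_with_default_password() closes the gap the post relied on.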


Conclusion:
I hope you enjoyed this story! I tried to keep the content simple and straightforward so that even beginners can understand how such vulnerabilities are exploited. This experience shows that sometimes, hacking doesn’t have to be complicated — simple issues like weak credentials can lead to serious security risks. Remember, always secure your systems with strong passwords!
If you found this helpful, feel free to follow me on LinkedIn and Twitter for more insights and updates on my bug bounty journey.
Bye👋