Hacking into the Admin Panel of U.S. Federal government system C.A.R.S — without credentials.

Walkthrough

Home Page
Admin Login Panel
  • To view the page source: press CTRL+U, or right-click and select View Page Source.
  • While looking for some interesting functions, I came across a function called loginchk().
Developer Console — Adding the value “admin”
Login Response
Successful Login.

Takeaway


Junior Security Researcher.

Hazem Brini
