When I begin with my penetration testing , it was so hard to know where to start with.
But later I came to know that it would be more good and beneficial if I go with the admin panel and do some sensitive actions which can even bypass those panels and get in to them.
But, first I have to know where the admin panels of the website are paged. Here, I m going to give some obvious techniques to find the admin panel of a website.
The most common thing that you need to get in to the admin panel is the credentials (username and password) and the URL of the admin panel.
For example www.site.com/admin/ is an URL for the admin panel of the website which will be more easy to guess but in most cases they avoid these silly type of URLs for their admin panel.
So, they make it more critical for us to find by making it non – guessable such as www.site.com/yrfgeug/admin or more critical than this.
In this case the discovery of admin panel will be difficult such that we are not able to find it by normal guessing but we should move with some techniques that could possibly find the admin panels.
Crawling the website:
The first step to discover is crawling of the website. Crawling gives you the URLs linked with the website .
This will give you the information on the linked URls with the website and so, you will get the chance for finding the admin panel.
But in some cases it will not work because the private or restricted content of a website is normally included in the robots.txt file with the parameter called “disallow”.
So those URLs are not crawled even by google. As an alternative we go for finding the robots.txt file of the website by simply manipulating the URL as www.site.com/robots.txt and hit enter.
This will list the private contents of the website that are not allowed to crawled by the bots. You can download the robots.txt file for your reference with the command
Wget www.example.com/robots.txt (or)
It would be more easy by taking a screen shot like this..
I repeat that these are the possibility of discovering and it may work in most cases only.
Crawling also includes creating xml sitemap of the website and get the lists of URLs linked with the website.
Create xml sitemap here: xml sitemap creator
The crawling of the websites can be done using online crawlers like SEOtools or there are some tools provided by OWASP called ZAPproxy which will give fast and accurate results.
You can also use online admin finder which gives you 1000+ urls with which you can brute force it and wait for 200 response incase of Burp.
The next step incase of failure of the first one is the google dorks . I have given a detailed description of google dorks in my previous post.
And the best dorks I recommend for finding the admin panel are,
in some cases the term admin can be used as administrator by some websites.
Now the maximum possibility comes here where you can use the linux tools . There are many tools available for finding the admin panels but I personally go with Breacher tool which gives cent percent results in most of the time.
These are the possible ways of finding the admin panel of the websites. Hope this will help you.
Happy finding 🙂