-->

Thursday, December 26, 2019

How To Find Website Admin Panel Easily using OkadminFinder Tool
Why do we need to find a website admin panel?

Most domains hide their admin panel for security purposes. They make it available only for website authority.

If an attacker gets the admin panel, he/she can completely focus only on bypassing the authentication system of the admin panel.

Getting access to the admin control panel can give an attacker full control of the website.

There can be many restrictions if we go for applying different attacks on the website to get access to the resources. But if we get access to the admin panel, we can get all resources with no harm.

Here we are going to talk about a tool that can help you to discover hidden admin panel pages of websites.

OkadminFinder. A very simple tool written in python but very useful. It scans the target website to find out the admin panel. For some websites, it finds out the admin panel in a few seconds but for websites with huge resources, it takes some time to complete its scanning process.

Why you should consider using this tool?

There are many tools available on the internet who can help you to do the same work as this tool does. But most of them are not secure and effective. OkadminFinder gives the option to flow the traffic through a Tor circuit which can help you to stay anonymous during the scan.

It also has some interesting features such as multithreading for faster work, classifies admin panel links depending on popularity.

But you have to manually set up the Tor to work with it.

Let's see how we can configure OkadminFinder to work with Kali Linux.

Configure OkAdminFinder in Kali Linux

1. Fire up your Kali Linux machine and download the tool from Github. Navigate to the directory where you've downloaded it and expand it.

cd okadminfinder3/
ls

2. Now, check if you have "tor service" installed on your system. if you don't have just install it by using the following command.

apt-get install tor
apt-get install python3-socks

3. This should install and configure tor in your system. At the next, satisfy the requirements the tool need to run in an error-free way by using the command given below.

pip3 install -r requirements.txt

This command will install and automatically configure all the necessary packages and modules the tool needs.

Scanning a Website for Admin Panel

Run the application by using the following commands. 

python3 okadminfinder3.py -u 'target URL' --p 127.0.0.1:9050 -r

Here in the place of the 'target URL' paste the target site URL without a comma. By default, the Tor listens for SOCKS on the port 9050. It is safer to use SOCKS connections rather than HTTP connections. 

If the proxy gives any error. It may give an error because the Tor proxy is too slow. You can manually route all of your Kali Linux traffic to go through Tor. You can do that by using different anonymizer tools. Visit our anonymizer tools section for an error-free guide.

Or to scan without proxy you can use the following command.

python3 okadminfinder3.py -u 'target URL' -r
How To Find Website Admin Panel Easily using OkadminFinder Tool
We got the result! The application successfully pulled out one link to the admin panel. It could continue the scan to find more URLs but we didn't need and quit the process. 

You can also do that if your target is completed.

Conclusion

OkadminFinder is really a simple but effective tool. In the first place, we thought it will not function properly but it did.

If you like to try new tools then you should definitely try this tool. Also, if you do such types of works, we recommend you to consider this tool.

What's your opinion about this tool? Did you find it helpful? let us know in the comment box below. Also, if you face any problem regarding the installation of this tool, feel free to leave a comment below explaining the problem and attach a screenshot. Screenshot helps us to find the exact problem.

Disclaimer

The tutorial you found on this website is only for educational purposes. Misuse of this information can lead you to jail or punishment. Anything you damage, we are not responsible for that. Do use it on your own property. If you want to test it on other's property, take written permission from them.

Comments 0

Thanks for visiting us. Please Do comment with a valid name. Don't comment as Unknown.
(Warning: Do not spam in the comment box. Repetitive comments will not be moderated.)
EmoticonEmoticon