How to login to a website as an admin

This article will show you how to embed login credentials into a url. Why would you want to do this? Here is an example scenario:

Say that you have a user area on your own website, not on ScreenSteps. You create a site on ScreenSteps that you want those users to have access to but you don’t want to go through the hassle of setting up user accounts for everyone on ScreenSteps. You can use this method to provide a link in the user area that will take them to your site on ScreenSteps and automatically log them in under a shared user account.

Given this method uses a single shared user account, reporting will not accurately show unique user activity. Course progress and Bookmark usage will also be compromised, as these features rely on tracking individual user activity.

A couple things that you should be aware of:

  1. Anybody who has this url can login to the site. You may want to update the password periodically.
  2. If you use http instead of https for the url then the url will be sent unencrypted. If someone is sniffing your traffic they would be able to see the username and password in the url.

If you need lock-tight security for your content or want to use features like Courses or Bookmarks, then you should create reader accounts for each person that is going to access that content or use Single Sign-on.

But if you just need something simple that will keep unauthorized people out of the site while at the same time make it easy for your authorized users to get access to the content then this can be a good solution. To set it up, follow these steps:

1. Create an API User

First you will want to create a new API Access account. This account will be the login for everyone from your own site. In this example we will say that the username is “myusers” and the password is “mypassword”.

2. Give the User Site Permissions

Then add this user to a protected site on your account. They will now have permission to view the site.

3. Create your Emdedded URL

Copy the url for the site and add on the authentication parameters.

IMPORTANT: Don’t copy the url the admin area of your account. API Access users cannot access the admin area. Make sure you copy the public url.

If the url for your space was https://myaccount.screenstepslive.com/spaces/2345 then you would want to add ?login=myusers&password=mypassword to the end. The result would look like this:

Special characters such as “@” in the email or “&” in the password will need to be encoded in order for your URL to work properly. If needed, see this article on how to encode special characters for your URL.

4. Use the URL elsewhere

When a user clicks on this url they will be taken to space 2345 and automatically logged in. Anybody just going to https://myaccount.screenstepslive.com/spaces/2345 will be asked for a username and password.

9 Comments

John Readwin

I have found that if for instance the password contains a punctuation character, then the URL passes it as that character and doesn’t not properly encode it ( i.e. ! should encode to %21 but it doesn’t and thus the url’s break i some browsers.

Trevor DeVore

@John When creating a URL by hand you are responsible for encoding any special characters. Just replace the punctuation character with the encoding form and you should be good to go.

John Readwin

Trevor my bad, perhaps this wasn’t the correct article to post to, but the URL issue occurs when using the “Embeded login URL” function in Screensteps live

Mohammed Samiuddin

I am not sure if it is possible but i would like to share for some suggestion how can I achieve it

I have a internet website also I have login account
I have embedded Link in our organization Internal Portal
What I want is Whenever user click the link it should not ask them to login
it should directly take them to the page after login with Successful login

Not Sure if it is possible But Suggestions are welcome

Trevor DeVore

@mohammed – the instructions on this page should do what you are asking. The other alternative is to setup Remote Authentication with ScreenSteps. With Remote Authentication ScreenSteps will authenticate people using your web server. http://help.screensteps.com/m/remote_authentication

Nicole Biesenbender

Hi, this method is great and it takes the user to the ‘home’ page of my Screensteps site. However, I would like them to go to a specific page beyond the ‘home’ page with embedded login credentials. Is this possible?

Trevor DeVore

@Nicole – the user should be taken to the page your link points to after they login. If it isn’t working please contact us through support and we can troubleshoot.

Mark Welton

I have an application running on a separate server that users are required to enter their username and password. Within that app, I want to add a link that takes them to a wordpress web page having their username and password sign them in (to the wordpress site). I am using WP 5.1.
Will ScreenSteps work in this manner? if so, any help you can provide will be apprecitate.
Thank you

Trevor DeVore

@Mark – Can you clarify where ScreenSteps sits in your design? You mention an application and WordPress but not ScreenSteps.

One of the rapidly growing occupations and most sought in the world are certainly an IT security officers. There is currently a huge deficit of the system security experts.

IT security officer has to be a person with many abilities. These persons need to be very knowledgeable about functioning of both hardware and software systems. And a very skilled programmers. One of titles for such people is a pentester. Pentester prefer to work with web and mobile applications. They tend to find bugs or errors in systems that can be simple, as logical bugs to critical bugs.

This python script is made having this in mind. Script can check large number of pages (thousands) automatically on any web portal in short time period. Script will identify all potential login pages for user/admin.

Script is intended firstly for use by ‘blackbox’ pentesters, and all those who need to check security of login pages.

Let’s say someone (for example malicious user) finds errors that enables him/her to get access data (passwords and usernames). Where will he/she enter these? Some custom made websites don’t have obvious links to login pages (they are hidden). So they have to find them manually, or use this script and find them fast and easy.

Script has 2297 different links to test for you in it’s search for login form. You can add some your own links as well by simply modifying file with these links.

Learn how to create a responsive login form with CSS.

Click on the button to open the login form:

How To Create a Login Form

Step 1) Add HTML:

Add an image inside a container and add inputs (with a matching label) for each field. Wrap a

element around them to process the input. You can learn more about how to process input in our PHP tutorial.

Example

Step 2) Add CSS:

Example

/* Bordered form */
form <
border: 3px solid #f1f1f1;
>

/* Full-width inputs */
input[type=text], input[type=password] <
width: 100%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
box-sizing: border-box;
>

/* Set a style for all buttons */
button <
background-color: #04AA6D;
color: white;
padding: 14px 20px;
margin: 8px 0;
border: none;
cursor: pointer;
width: 100%;
>

/* Add a hover effect for buttons */
button:hover <
opacity: 0.8;
>

/* Extra style for the cancel button (red) */
.cancelbtn <
width: auto;
padding: 10px 18px;
background-color: #f44336;
>

/* Center the avatar image inside this container */
.imgcontainer <
text-align: center;
margin: 24px 0 12px 0;
>

/* Avatar image */
img.avatar <
width: 40%;
border-radius: 50%;
>

/* Add padding to containers */
.container <
padding: 16px;
>

/* The “Forgot password” text */
span.psw <
float: right;
padding-top: 16px;
>

/* Change styles for span and cancel button on extra small screens */
@media screen and (max-width: 300px) <
span.psw <
display: block;
float: none;
>
.cancelbtn <
width: 100%;
>
>

How To Create a Modal Login Form

Step 1) Add HTML:

Example


class=”close” title=”Close Modal”>×

Step 2) Add CSS:

Example

/* The Modal (background) */
.modal <
display: none; /* Hidden by default */
position: fixed; /* Stay in place */
z-index: 1; /* Sit on top */
left: 0;
top: 0;
width: 100%; /* Full width */
height: 100%; /* Full height */
overflow: auto; /* Enable scroll if needed */
background-color: rgb(0,0,0); /* Fallback color */
background-color: rgba(0,0,0,0.4); /* Black w/ opacity */
padding-top: 60px;
>

/* Modal Content/Box */
.modal-content <
background-color: #fefefe;
margin: 5px auto; /* 15% from the top and centered */
border: 1px solid #888;
width: 80%; /* Could be more or less, depending on screen size */
>

/* The Close Button */
.close <
/* Position it in the top right corner outside of the modal */
position: absolute;
right: 25px;
top: 0;
color: #000;
font-size: 35px;
font-weight: bold;
>

/* Close button on hover */
.close:hover,
.close:focus <
color: red;
cursor: pointer;
>

/* Add Zoom Animation */
.animate <
-webkit-animation: animatezoom 0.6s;
animation: animatezoom 0.6s
>

Tip: You can also use the following javascript to close the modal by clicking outside of the modal content (and not just by using the “x” or “cancel” button to close it):

Example

Tip: Go to our HTML Form Tutorial to learn more about HTML Forms.

Tip: Go to our CSS Form Tutorial to learn more about how to style form elements.

Ever heard about W3Schools Spaces? Here you can create your website from scratch or use a template, and host it for free.

Joomla is a great system to use when you want to build almost any kind of a website you can imagine. It’s quite versatile and has a lot of great tools in the admin panel. Once you’ve finished your installation of Joomla, you can get right to work building your vision of the perfect website.

Before you can start building your website, though, you’ll need to know how to log into Joomla.

The admin area is where all of the work for the website is completed. Everything from creating content to performing various maintenance tasks are available with just a click of the mouse.

In this Joomla login tutorial, I’m going to show you how to access the admin area as well as what you can do in the event you lose the password.

Accessing the Admin Login Page via URL

By default, Joomla will install the admin area by using the URL: “https://ggexample.com/administrator.” Of course, you’ll want to change the “ggexample.com” to your website address.

Access Joomla admin login page by typing in your website address followed by “/administrator.”

How to login to a website as an admin

Input your username and password. Once you entered your credentials, click the “Log in” button to continue.

Accessing the Admin Login Page via cPanel

Joomla allows developers to customize where the platform is installed. You can place it with the primary root folder, subdomain or saved as a separate directory on the site.

Because of this, sometimes people forget where the folder is located on the website. Not to worry. I can help you track it down through cPanel.

Using Softaculous

Joomla is very easy to install and set up by using Softaculous. After inputting your site’s information, the system will do the rest automatically. Luckily, you can find where Softaculous placed the Joomla login from within its software.

From cPanel, find and click the “Softaculous Apps Installer.”

How to login to a website as an admin

On the top right of Softaculous, you’ll see a control panel of tools. Click the “All Installations” icon. It will look like a file box.

How to login to a website as an admin

Find the installation of Joomla you need based on your website address. If Joomla is the only item you’ve installed, this will be pretty easy to find. In my example, you’ll see how I have a few things installed.

On the far right, you’ll see an icon of a pencil. Click this image to access the “Edit Details” screen.

How to login to a website as an admin

Scroll down to the “Info” window to show your Admin URL as well as other site data. Click the link that is shown to the right of the “Admin URL.” This will open your Joomla admin login screen.

How to login to a website as an admin

Using File Manager

In cPanel, there is a tool called “File Manager.” This integrated application gives you access to all of the files and folders located on your website. It’s a very useful program to learn as it will help in a variety of tasks such as troubleshooting or modifying pages within the site.

In this instance, we want to use it to figure out where the Administration folder is located. Click the “File Manager” link in cPanel to open the tool.

How to login to a website as an admin

Click the “public_html” folder in the left panel. This next area shows you all of the files and folders that are related to your website that are accessible through your web browser.

How to login to a website as an admin

Explore the folders until you find your Joomla installation. Look for the “Administrator” folder and click into it. Take note of the file path in the left. Everything after “public_html” is going to be the path you’ll use to access your Joomla login screen. In my case, it’s “/Joomla/administrator.”

How to login to a website as an admin

Now, there are two distinct ways your site can be set up with this path. The correct one depends on how you set it up when you first installed Joomla. These two paths are:

  • Set up as a subdomain, in which case your admin login is located at https://joomla.ggexample.com/administrator
  • Set up as a separate directory, in which case the login is located at https://www.ggexample.com/Joomla/administrator

Web hosts handle subdomains differently, and it may be related to how they have the primary domain set up on their end. What this means is that you may have a subdomain at https://www.joomla.ggexample.com. Take notice of the “www” prefix.

If you don’t know which one you have, contact your web host.

What if you lost your Admin username or password?

A lot of people create elaborate usernames and passwords to promote stronger security practices for the website. Unfortunately, sometimes users forget how these credentials were set up or the special characters they use. I know I’ve placed a few characters in the wrong spot before.

Resetting or retrieving this information isn’t a difficult process with Joomla.

Access from the Admin Login Screen

In the Joomla login screen, there are question mark icons next to both the username and password fields. Clicking either of these buttons will open the window to access that information and have instructions emailed to you. All you need to remember is which email address you have registered in Joomla.

How to login to a website as an admin

Using Softaculous to Set Up New Admin Password

Access Softaculous as I mentioned above and scroll down to the “Admin Account” area. Input the current admin username and enter a new “Admin Password.”

This will be the admin name you used when setting up the Joomla installation through Softaculous.

How to login to a website as an admin

Scroll down and click the “Save Installation Details” button.”

How to login to a website as an admin

Once you log into Joomla, you can begin to put together something amazing to drive in the traffic. Although the process starts with good web hosting, your success will still rely on the kind of presence you put out there on the Internet. Whether it’s a simple blog or a platform to drive your online business, Joomla can handle it all.

You can log in to Shopify on desktop, or by using the Shopify app for iPhone or Android.

If you enter an incorrect password during login, then you’ll be asked to verify that you are not a robot on your next login attempt. You’ll also be asked to complete verification steps if your browser is in private or incognito mode, or if you cleared your browsing history since your last login to Shopify. You need to wait for all images to load in each verification step before you click Verify.

For information about resetting your password, see Resetting your password. If you forgot the email address that you use to log in to Shopify, then contact Shopify support.

Log in to your Shopify admin on desktop

Steps:

Go to your Shopify login page.

Enter your store domain or your custom store domain and click Next.

Enter your email and click Continue.

Enter your password and click Log in.

If you’ve logged in to your store on the same device before, then your store might already be listed on the login page. In that case you can log in by selecting your store, and you won’t be prompted again to enter your email address.

Install and log in to the Shopify app

  1. Download the Shopify app.
  2. When the app is installed, tap it to open it.
  3. If you already have a Shopify account, then tap Log in and enter your email address and password for your Shopify store. If you want to start a new Shopify account, then tap Sign up.

If you have multiple Shopify stores linked to an email address, then enter the domain ending in .myshopify.com that you want to log in to, and then tap Log in.

If you’ve forgotten your Shopify account password, then you can tap Log in and Forgot password? to reset it.

Tap Log in.

Log in to multiple accounts

Steps:

  1. When you’re logged in to the Shopify app, tap Store.
  2. Tap the account name at the top of the screen.
  3. Tap Log in to existing store.
  4. Enter the email address and password for the account that you’re logging in to.
  5. Tap Log in.

The account that you’ve just logged in to is now the active account. To see the information for a different account, you can switch accounts.

View a different account

Steps:

  1. From the Shopify app, tap Store.
  2. Tap the account name at the top of the screen.
  3. Tap the account that you want to view.

Log out of an account

Steps:

  1. From the Shopify app, tap Store, and then tap Settings.
  2. Choose whether to log out of only the active account, or all accounts.
  3. Tap Log out.

Install and log in to the Shopify app

Steps:

  1. Download the Shopify app.
  2. When the app is installed, tap it to open it.
  3. If you already have a Shopify account, then tap Log in and enter your email address and password for your Shopify store. If you want to start a new Shopify account, then tap Sign up.

If you have multiple Shopify stores linked to an email address, then enter the domain ending in .myshopify.com that you want to log in to, and then tap Log in.

If you’ve forgotten your Shopify account password, then you can tap Log in and Forgot password? to reset it.

Tap Log in.

Log in to multiple accounts

Steps:

  1. When you’re logged in to the Shopify app, tap Store.
  2. Tap the account name at the top of the screen.
  3. Tap LOG IN TO EXISTING STORE.
  4. Enter the email address and password for the account that you’re logging in to.
  5. Tap LOG IN.

The account that you’ve just logged in to is now the active account. To see the information for a different logged in account, you can switch accounts.

How to login to a website as an admin

Over the last few years, our websites have been subject to regular attacks. One of the most common attacks was sending bots to repeatedly attempt to login to our admin area. Some of the attacks were severe enough to slow or crash our website.

We’ve stopped those attacks from happening by creating an additional layer of security for our admin areas.

We keep hackers out of your admin area is to create an additional username and password via a file called htpasswd. That extra password screen prevents the bots from reaching our admin login and has eliminated problems with repeated login attempts.

This tutorial will show you how to do that in three easy steps. Let’s get started.

1) Navigate to Your Admin Area

Use your host’s file manager or FTP to access the admin folder of your website. For example:

  • Joomla’s folder is /administrator
  • WordPress’ folder is /wp-admin

2) Create .htpasswd

In your admin folder, create a .htpasswd file with the following contents:

  • YourSecretUsername:YourSecretPassword

Replace the above username and password with any that you’d like.

3) Create .htaccess

Create a .htaccess file and add the following code to it:

AuthUserFile “/home/username/public_html/administrator/.htpasswd”
AuthName “Restricted Area”
AuthType Basic
require valid-user
RewriteEngine On
RewriteRule \.htpasswd$ – [F,L]

In the above code, switch /home/username/public_html/administrator to your host’s full path to your admin folder.

4) Additional Step for Drupal

If you’re using Drupal, you’ll need to do an additional step:

  • Install the Global Redirect module to force all URLs to the clean SEF URLs, so that your password protection can’t be by-passed.

That’s it. Now check your admin area and you should be prompted for the additional username and password.

Instructor

Nick is the Director of Support at OSTraining and you can find him in almost every area of the site, from answering support requests and account questions to creating tutorials and software.

The website “Admin panel (website back-end)” is the administrator view of your website. It is not visible to the general public/visitors but can be accessed by assigned site administrators through your various web browsers.

To access your Caribonix.com Admin panel (website back-end); please follow the following simple steps:

Step 1 – Access Your Login

There are a few ways to access the login page for your Admin panel (website back-end):

  1. You can navigate directly to your login page via:
    http://yourcompany.caribonix.com/signin
  2. You can navigate directly to your login page via:
    http://yourcompany.com/signin (if you have already Connected/Mapped an Existing Domain)

Step 2 – Enter Your Username and Password

Next, enter your “username” and “password” to login to your site.

How to login to a website as an admin

Please Note: Your “username” and “password” is generally sent via email to the email used/provided at sign up or account creation. For added security we automatically log you out of the Admin panel (website back-end) after 30 minutes of inactivity.

If you have forgotten your password, you can always click the “Lost your Password?” link below the login area. Are you still Unable to login into Admin panel (website back-end)? Read How Do I Recover or Change My Password?

The website “Admin panel (website back-end)” is the administrator view of your website. It is not visible to the general public/visitors but can be accessed by assigned site administrators through your various web browsers.

To access your Caribonix.com Admin panel (website back-end); please follow the following simple steps:

Step 1 – Access Your Login

There are a few ways to access the login page for your Admin panel (website back-end):

  1. You can navigate directly to your login page via:
    http://yourcompany.caribonix.com/signin
  2. You can navigate directly to your login page via:
    http://yourcompany.com/signin (if you have already Connected/Mapped an Existing Domain)

Step 2 – Enter Your Username and Password

Next, enter your “username” and “password” to login to your site.

How to login to a website as an admin

Please Note: Your “username” and “password” is generally sent via email to the email used/provided at sign up or account creation. For added security we automatically log you out of the Admin panel (website back-end) after 30 minutes of inactivity.

If you have forgotten your password, you can always click the “Lost your Password?” link below the login area. Are you still Unable to login into Admin panel (website back-end)? Read How Do I Recover or Change My Password?

Answered by:

Question

I have an asp.net website for a car dealership.

I wanted to create an admin site where personel from the dealership can add and delete cars to the site.

how do I get started? what shall I read up on? I’ve read some of the security knowledge to add login and user accounts and what not, but now I am after setting up the website to allow this.

do I need a sub domain to allow this? is that the only way?

the web hosting company I am using (discountasp.net) will make me pay more $5 a month to use sub domain

Answers

It is not necessary to have a sub domain for the admin panel. You can develop all the admin pages like login, add remove update cars etc in a separate folder. Say the folder name will be CarAdmin. You can host this folder at the existing url. For example if the existing url is http://www.carsite.com, then the admin url will be http://www.carsite.com/CarAdmin.

The dlls for the application will still be in the root bin folder and the common web.config will still be at the root folder.

  • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM

It quite straight forward, read the tutorial in the link I gave above, it will take you time to work through, but it will be worth it. ASP.NET takes care of all the security and adding the database tables to the existing database that you have, and allowing and disallowing different logged on people to access different folders or even pages in your site. It also shows you how to write the administration pages, so that you can add new users, change there settings, add them into roles, reset passwords, all through the site.

  • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM

All replies

It is not necessary to have a sub domain for the admin panel. You can develop all the admin pages like login, add remove update cars etc in a separate folder. Say the folder name will be CarAdmin. You can host this folder at the existing url. For example if the existing url is http://www.carsite.com, then the admin url will be http://www.carsite.com/CarAdmin.

The dlls for the application will still be in the root bin folder and the common web.config will still be at the root folder.

  • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM

Have a look here http://www.asp.net/web-forms/security Scott Mitchell has written a full tutorial on how to add asp.net security to a website, this is using SQL server. Its very good. You can probably miss the 3rd part, advanced topics if you are new to this.

Or is your question about how you should set up the adding and removing of the vehicles?

Let me know if I have mis-read and I will try to help further.

thanks for all the replies thus far.

Yes, I do need to read more on login and user accounts and security.. my question is more on how to add/setup those login pages and the secure pages.

so the site is actually themikesautosales.com and it uses sql 2008 database to store the vehicles, I have been using visual studio to add and delete vehicles from the database, I wanted to add a webpage to allow easy access to people that work at the dealership to add and remove cars.

and the first response says I can just add a new folder, that will work better for me. I’m sure there will be ways to secure all the pages and controls in that folder (just need to read more).. right?

Your website’s admin is the control panel of your site. This is the behind-the-scenes area where you can make changes to your website’s content. Some users will be able to make changes to their website’s page titles, meta descriptions, and navigation as well. If you’d like this ability, talk to your storEDGE administrator about adjusting your user permissions to allow you access to edit your site’s page settings.

⚠ For the best experience editing and publishing content to your website, we recommend that you use Google Chrome as your browser when using your website’s admin.

How to log in to your marketing website:

To access your website’s admin, go to your website’s URL and scroll down to the footer of your website. Click the Admin button in the bottom right corner. Enter your storEDGE username and password and click Sign in.

Once you’re signed in to your website’s admin, you’ll see a list of your website’s pages and your admin’s vertical navigation bar on the left of your screen.

How to login to a website as an admin

Admin navigation

Your admin’s navigation is a vertical column on the left side of your admin’s home screen.

    The Home button is represented by four squares. This button takes you to your admin home screen, where you can see a list of the pages on your website.

* Adding a page, adjusting style settings, and adjusting your website’s primary layout are not accessible to you at this time. If you’d like to make adjustments to these aspects of your website, contact storEDGE and we will assist you.

** The ability to make changes to your page settings is controlled by a user permission. If you’d like permission to edit page settings, please contact [email protected] and we’ll adjust this permission.

There are additional navigation options in the top horizontal menu bar of your screen.

The eye icon will open the live version of your website in a new tab. The question mark icon will open the storEDGE help site in a new tab, and the dropdown next to your initials allows you to logout of storEDGE.

Page status icons

Each page listed on your website will have a page status icon to help you easily see which pages on your site are live or have unpublished changes.

The checkmark icon next to a page means that the page is live on your website and has no unpublished changes.

The exclamation mark icon next to a page means that the page is live on your website and has changes that have not yet been published.

Page actions

On the right of your admin home screen, you’ll notice that each page on your website has an eye icon and a dropdown menu next to it.

How to login to a website as an admin

This area gives you several options:

  • View Live : Clicking the eye icon will open the live version of a page.
  • Edit: Clicking Edit will open the editing view of the page and allow you to make changes.
  • Settings : Selecting Settings for a page takes you to its page settings , where you can edit its page title and meta description. *
  • Publish : Selecting Publish will publish any edits to a page that have been saved.*

* The ability to edit page settings and publish changes are controlled by user permissions.

Share this.

Many times when running a scan of any URL to find its vulnerabilities. Pentesters or security researchers tries to find admin page. Landing on any admin page of any website is a critical vulnerability for any website. Because attackers could run session hijacking attacks or use brute force methods to steal login credentials of admin page. Many times developers forget to patch admin panel. According to ethical hacking researcher international institute of cyber security recently there has been many vulnerabilities came up which redirects end users to admin panels. We will show a method to find admin page of any website.

  • For testing we will use Kali Linux 2018.4 amd64. Open terminal type git clone https://github.com/mIcHyAmRaNe/okadminfinder3.git
  • Type cd okadminfinder3/
  • Run ls
  • Then type chmod u+x requirements.txt
  • Type ls -ltr
  • Type pip3 install -r requirements.txt
  • Type ./okadminfinder.py –help
  • Type ./okadminfinder.py -u testphp.vulnweb.com
  • Testphp.vulnweb.com is common testing website. Used for running various scans.
  • You can also use proxies or TOR service for hiding your identity.
  • Type ./okadminfinder.py -u testphp.vulnweb.com OR type ./okadminfinder.py -r -u testphp.vulnweb.com
  • -r is used for random user agent.
  • -u is used for target URL. Target URL is testphp.vulnweb.com
  • Above shows the admin page of testphp.vulnweb.com

How to login to a website as an admin

admin page of testphp.vulnweb.com

  • Above you can refer admin page of the website.
  • Let’s try on another sites.
  • Type ./okadminfinder.py -u www.arifhabib.com.pk
  • -u is used for target URL. Target URL – www.arifhabib.com.pk
  • Opening the webpage in web browser.

How to login to a website as an admin

admin page of www.arifhabib.com.pk

  • Knowing admin page of any website puts an potential risk to website owner.
  • Now we try with TOR anonymity.
  • Type ./okadminfinder.py –tor -u exide.com.pk/
  • –tor – It will used TOR service for finding target website admin page.
  • For starting type sudo service tor start
  • For checking TOR service running status. Type ps -ef | grep tor
  • -u is used for target URL. Target URL – exide.com.pk/
  • Opening the exide admin page.

How to login to a website as an admin

admin page of exide.com.pk

  • Above shows the admin page using TOR proxies. It might take time while using TOR. But it will find the available admin page.

Check youtube link to see the practical of okadminfinder3