How I Accessed an Admin Panel Without Touching the Keyboard


Ranjan_Yadav

What’s up, hackers! Ranjan Yadav here, aka Zero, and I hope you’re all doing awesome! First off, huge shoutout for all the love on my last write-up — your support seriously fuels my drive. So, buckle up and put your seatbelt on, because today, I’ve got something wild for you. I’m going to take you through the crazy journey of how I accessed an admin panel without even touching the keyboard. Yes, you read that right — no typing, just pure automation and creativity.

Note: If you’re not super familiar with hacking, don’t worry — you can find vulnerabilities like this too! This story will show you just how simple it can be.

Let’s get into it!

For this hack, I kept things super simple. I used only Subfinder, Httprobe, and Aquatone — three powerful tools for asset discovery. When it comes to finding vulnerabilities, discovering hidden assets is a crucial first step. Without it, you’re flying blind. By automating the process, I quickly mapped out the target’s subdomains and identified potential entry points.

Asset discovery is really important — it’s like laying the groundwork for everything that comes after. Without finding those hidden corners of the internet, you might miss out on the goldmine. So, let me show you how I found mine!

To track down the admin panel, I relied on some essential tools for asset discovery and live subdomain detection. Here’s exactly what I did:

1. Subdomain Enumeration
First, I used Subfinder to scan for subdomains using multiple sources like crtsh, Sublist3r, and VirusTotal. I also set a rate limit to ensure the scan was thorough but efficient:

subfinder -dL wildcard.txt -sources crtsh,sublist3r,virustotal -rl 20 -recursive -o subdomains.txt

2. Probing for Live Domains
Next, I needed to identify which of these subdomains were live. Using httpx-toolkit, I probed the subdomains over common web ports (443, 80, 8080, 8000, 8888):

httpx-toolkit -l subdomains.txt -ports 443,80,8080,8000,8888 -threads 100 > subdomains_alive.txt

3. Screenshotting the Subdomains
After identifying the live subdomains, I ran Aquatone to generate screenshots of these URLs, making it easier to visually check for admin panels:

cat subdomains_alive.txt | aquatone
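The three steps above are exactly what an application security team runs against its own domains when it wants to know which admin interfaces are reachable from the internet. Here is an added example (written for this edit, not code from the write-up) that chains the same three tools with consistent file names, asks httpx for status codes and page titles so the "manual check" step can be pre-sorted from text, and returns the hosts worth a human look. The httpx output format "URL [status] [title]" and the aquatone -out flag are assumptions to confirm against your tool versions; the sample httpx lines are constructed so the triage part runs without any of the tools installed.

```python
import re
import shutil
import subprocess
import sys
from pathlib import Path
from urllib.parse import urlsplit

# httpx prints "URL [status] [title]" when run with -sc -title (format assumed
# here; confirm against your httpx version). -nc disables colours so the saved
# file is plain text.
HTTPX_LINE = re.compile(r"^(?P<url>\S+)\s+\[(?P<status>\d{3})\]\s+\[(?P<title>[^\]]*)\]")

# Title words that make a live page worth a human look during an exposure review.
ADMIN_HINT = re.compile(r"admin|dashboard|panel|console|manage", re.IGNORECASE)

# Constructed sample of httpx output, used when the tools are not installed.
SAMPLE_HTTPX_OUTPUT = [
    "https://www.example.com [200] [Example Domain]",
    "https://admin.example.com [200] [Admin Panel]",
    "https://admin.example.com:8443 [200] [Admin Panel]",
    "https://staging.example.com:8080 [403] [Management Console]",
    "https://dev.example.com:8000 [200] [Dashboard - Internal Tools]",
    "http://old.example.com [302] []",
]


def build_commands(domains_file, out_dir):
    """The three steps from the write-up as argv lists, with consistent file names."""
    out = Path(out_dir)
    subs = out / "subdomains.txt"
    alive = out / "subdomains_alive.txt"
    return [
        ["subfinder", "-dL", str(domains_file), "-sources", "crtsh,sublist3r,virustotal",
         "-rl", "20", "-recursive", "-o", str(subs)],
        ["httpx-toolkit", "-l", str(subs), "-ports", "443,80,8080,8000,8888",
         "-threads", "100", "-sc", "-title", "-nc", "-silent", "-o", str(alive)],
        ["aquatone", "-out", str(out / "aquatone")],  # URLs arrive on stdin
    ]


def parse_httpx(lines):
    """Turn httpx output lines into (url, status, title) tuples; skip anything unparsable."""
    records = []
    for line in lines:
        match = HTTPX_LINE.match(line.strip())
        if match:
            records.append((match["url"], int(match["status"]), match["title"]))
    return records


def flag_admin_candidates(lines):
    """URLs that answered 200 with an admin-looking title, one per hostname, for manual review."""
    seen_hosts = set()
    flagged = []
    for url, status, title in parse_httpx(lines):
        host = urlsplit(url).hostname
        if status == 200 and ADMIN_HINT.search(title) and host not in seen_hosts:
            seen_hosts.add(host)
            flagged.append(url)
    return flagged


def run_pipeline(domains_file, out_dir):
    """Run subfinder -> httpx -> aquatone in order; all three must be on PATH."""
    subfinder_cmd, httpx_cmd, aquatone_cmd = build_commands(domains_file, out_dir)
    for cmd in (subfinder_cmd, httpx_cmd, aquatone_cmd):
        if shutil.which(cmd[0]) is None:
            raise RuntimeError(f"{cmd[0]} is not on PATH")
    Path(out_dir).mkdir(parents=True, exist_ok=True)
    subprocess.run(subfinder_cmd, check=True)
    subprocess.run(httpx_cmd, check=True)
    lines = (Path(out_dir) / "subdomains_alive.txt").read_text().splitlines()
    # aquatone wants bare URLs, not the annotated httpx lines
    urls = "\n".join(url for url, _, _ in parse_httpx(lines)) + "\n"
    subprocess.run(aquatone_cmd, input=urls.encode(), check=True)
    return flag_admin_candidates(lines)


if __name__ == "__main__":
    if len(sys.argv) == 3:
        for url in run_pipeline(sys.argv[1], sys.argv[2]):
            print("review:", url)
    else:
        print("usage: recon.py wildcard.txt out_dir  (showing constructed sample instead)")
        for url in flag_admin_candidates(SAMPLE_HTTPX_OUTPUT):
            print("review:", url)
```

Run it with a wildcard list and an output directory and it executes the pipeline; run it with no arguments and it triages the constructed sample. Deduplicating by hostname matters because httpx reports each port separately, so one admin host on 443 and 8443 would otherwise show up twice in the review queue.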

The Discovery
Once the screenshots were ready, I manually checked the responses — and boom! There it was, an admin panel sitting in plain sight, just waiting to be accessed.


The vulnerability I found was even more shocking — there was no login authentication at all! That’s right, the admin panel didn’t require any kind of login credentials to access it.

Description:

The admin panel was completely exposed to the public without any form of login authentication, meaning anyone with the URL could gain full access. This is a critical security flaw because administrative sections of websites are supposed to be restricted to authorized users only.

Risk:

Without login authentication, any attacker who stumbles upon the admin panel can instantly take over the system, access sensitive data, change configurations, and even cause major disruptions. This kind of vulnerability is a gateway for attackers to wreak havoc, making it one of the most dangerous oversights in web security.
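To make the Description and Risk concrete, here is an added example (mine, not the author's; the routes, in-memory session store and audit log are all constructed) showing the exposed route beside a version that only serves /admin to a valid session holding the admin role, redirects everyone else to the login page, and records rejected attempts so a monitoring team can spot a scan like the one described above. It is plain WSGI from the standard library, so it runs with no framework and no server: the call() helper invokes the app directly.

```python
import secrets
from http.cookies import SimpleCookie

# Constructed in-memory session store: token -> (username, role). A real
# deployment keeps this server-side with expiry; the point here is the check.
SESSIONS = {}
# Constructed stand-in for structured security logging.
AUDIT_LOG = []


def login(username, role):
    """Issue an opaque, unguessable session token after authentication has happened."""
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = (username, role)
    return token


def _session_from(environ):
    """Resolve the 'session' cookie to (username, role), or None if absent/unknown."""
    jar = SimpleCookie()
    jar.load(environ.get("HTTP_COOKIE", ""))
    morsel = jar.get("session")
    return SESSIONS.get(morsel.value) if morsel is not None else None


def vulnerable_app(environ, start_response):
    """Mirrors the finding: /admin answers for anyone who knows the URL."""
    path = environ.get("PATH_INFO", "/")
    if path.startswith("/admin"):
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"admin dashboard: full control, no login required"]
    start_response("404 Not Found", [("Content-Type", "text/plain")])
    return [b"not found"]


def hardened_app(environ, start_response):
    """Same route, but /admin requires a valid session carrying the admin role."""
    path = environ.get("PATH_INFO", "/")
    if path.startswith("/admin"):
        session = _session_from(environ)
        if session is None:
            # No or invalid session: bounce to login and leave a trace for detection.
            AUDIT_LOG.append(("unauthenticated_admin_access", path, environ.get("REMOTE_ADDR")))
            start_response("302 Found", [("Location", "/login"), ("Content-Type", "text/plain")])
            return [b"redirecting to login"]
        username, role = session
        if role != "admin":
            # Authenticated but not authorised: deny and log the user, not just the IP.
            AUDIT_LOG.append(("forbidden_admin_access", path, username))
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"forbidden"]
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [f"admin dashboard for {username}".encode()]
    start_response("404 Not Found", [("Content-Type", "text/plain")])
    return [b"not found"]


def call(app, path, cookie=None, remote_addr="203.0.113.10"):
    """Invoke a WSGI app directly (no server) and return (status, body)."""
    environ = {"PATH_INFO": path, "REQUEST_METHOD": "GET", "REMOTE_ADDR": remote_addr}
    if cookie:
        environ["HTTP_COOKIE"] = cookie
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status

    body = b"".join(app(environ, start_response))
    return captured["status"], body.decode()


if __name__ == "__main__":
    print("vulnerable, no cookie:", call(vulnerable_app, "/admin")[0])
    print("hardened, no cookie:  ", call(hardened_app, "/admin")[0])
    print("hardened, admin user: ", call(hardened_app, "/admin", f"session={login('bob', 'admin')}")[0])
    print("audit log:", AUDIT_LOG)
```

The two things worth copying are that the authentication check sits on the route prefix rather than on individual pages (one forgotten page is how panels like the one in this write-up end up public), and that the rejected request is logged with the source address, which is the signal a SOC needs to notice a subdomain sweep hitting /admin across the estate.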

This was the moment I discovered my first high-severity bug. Finding an admin panel with no login authentication was a huge win in my bug bounty journey. The risk of system compromise and unauthorized access was severe, and this vulnerability could have caused major damage if left unchecked.

It taught me a valuable lesson — sometimes, even the most basic security oversights can lead to critical findings. This experience boosted my confidence and showed me that persistence, combined with careful checks, can uncover serious vulnerabilities. As I continue on this path, I’m excited to find more bugs and contribute to making the web a safer place.

Alright hackers, that’s all for this one! Stay curious, keep hacking, and never stop learning. Happy hacking, happy hunting! See you in the next write-up!

Follow me on LinkedIn and X for more updates and insights.

BYE👋
