Admin Panels are the administrator’s house where administrators have the authority to manage the internal architecture of the web-based application. This interior architecture consists of some sensitive files and directories which are hidden for regular users. So being a penetration tester, breaking into the high privileged user is a milestone. So to achieve this milestone, first of all, we need to detect the admin panel’s or the login pages, which the tester can test and try to take over the authority of the administrator to access the sensitive data. OKadminFinder is an automated script that helps the tester to detect the admin panels on the target domain. This tool is fully automated and developed in the Python language. OKadminFinder tool is open-source and free to use. OKadminFinder supports the tor and proxy feature to stay anonymous or hide your identity.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux
Installation of OKadminFinder Tool on Kali Linux
Step 1: Check whether Python Environment is Established or not, use the following command.
Step 2: Open up your Kali Linux terminal and move to the Desktop directory using the following command.
Step 3: You are on Desktop now, create a new directory called OKadminFinder using the following command. In this directory, we will complete the installation of the OKadminFinder tool.
Step 4: Now switch to the OKadminFinder directory using the following command.
Step 5: Now you have to install the tool. You have to clone the tool from GitHub.
git clone https://github.com/mIcHyAmRaNe/okadminfinder3.git
Step 6: The tool has been downloaded successfully in the OKadminFinder directory. Now list out the contents of the tool by using the below command.
Step 7: You can observe that there is a new directory created for the OKadminFinder tool that has been generated while we were installing the tool. Now move to that directory using the below command:
Step 8: Once again to discover the contents of the tool, use the below command.
Step 9: Download the required packages for running the tool, use the following command.
pip3 install –user -r requirements.txt
Step 10: Now we are done with our installation, Use the below command to view the help (gives a better understanding of the tool) index of the tool.
python3 okadminfinder.py -h
Working of OKadminFinder Tool on Kali Linux
Example 1: Target URL
python3 okadminfinder.py -u geeksforgeeks.org
1. In this example, We are searching the admin panel on the target domain geeksforgeeks.org. We have specified the domain URL in the -u tag.
2. In the below Screenshot, You can see that we have got the results or the admin panel links that are detected on the target domain.
Example 2: Use randomly selected User-Agent
python3 okadminfinder.py -u geeksforgeeks.org -r
1. In this example, We are using the randomly selected User-Agent. -r tag is used to select the random user-agent.
2. In the below Screenshot, We have got the result of our above scan.
Example 3: Display more information
python3 okadminfinder.py -u testphp.vulnweb.com -v
In this example, We will be displaying some additional or detailed information of our scan. -v tag is used to get detailed information. We have got the Server, Hostname, X-Powered-By details about our target.
Example 4: Interactive interface
python3 okadminfinder.py -i
1. In this example, We will be using the interactive mode which is provided by the tool. -i tag is used to enabling the interactive mode of the tool.
2. In the below Screenshot, We have got the information about our target domain geeksforgeeks.org and the tool is checking for the admin panels on the Server of geeksforgeeks.org.