Unauthorised access to Django Admin Dashboard by endpoint leaked on GitHub
Hi, everyone
My name is Santosh Kumar Sha, I'm a security researcher from India (Assam). In this article, I will describe how I was able to gain unauthorized access to an admin dashboard through an endpoint that was leaked on GitHub.
I am now offering 1:1 sessions to share my knowledge and expertise:
TOOLS used for the exploitation
1. Subfinder (https://github.com/projectdiscovery/subfinder)
2. httpx (https://github.com/projectdiscovery/httpx)
3. gau(Corben) — https://github.com/lc/gau
4. waybackurls(tomnomnom) — https://github.com/tomnomnom/waybackurls
5. Aquatone
Story Behind the bug:
This is the write-up of a recent bug I found. While doing recon, I gathered all the domains from internet archives using waybackurls and gau, and also by using subfinder. So I collected all the subdomains from passive and active recon, then started resolving all the domains. After resolving, I ran aquatone to take a screenshot of every URL. While going through the screenshots I came across one that showed a "Django not found" error on one of the URLs.
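The "Django not found" page in that screenshot is most likely Django's built-in technical 404 page, which the framework only renders when DEBUG = True and which lists every URL pattern in the project (admin routes included). As an added example, not code from the original post, here is a small Python checker an asset owner can run over captured response bodies to flag hosts still serving that debug page; the sample bodies are constructed, and the HTML layout is assumed from Django's default technical 404 template.

```python
import re
from dataclasses import dataclass, field

# Phrases from Django's technical 404 template (served only when DEBUG = True).
DEBUG_404_MARKERS = (
    "Page not found",
    "Django tried these URL patterns, in this order",
    "DEBUG = True",
)
# Django's default plain 404 body when DEBUG = False and no custom template exists.
PROD_404_MARKER = "The requested resource was not found on this server."

# Assumed structure: the debug page lists URLconf entries as <code> items inside one <ol>.
PATTERN_LIST_RE = re.compile(r"<ol>(.*?)</ol>", re.S)
CODE_RE = re.compile(r"<code>(.*?)</code>", re.S)


@dataclass
class Finding:
    url: str
    verdict: str                       # "django-debug-404", "django-404" or "other"
    disclosed_patterns: list = field(default_factory=list)


def classify_response(url: str, status: int, body: str) -> Finding:
    """Classify one captured HTTP response from an inventory scan of your own hosts."""
    if status != 404:
        return Finding(url, "other")
    if all(marker in body for marker in DEBUG_404_MARKERS):
        # The debug page enumerates every URL pattern, so record what it discloses.
        block = PATTERN_LIST_RE.search(body)
        patterns = CODE_RE.findall(block.group(1)) if block else []
        return Finding(url, "django-debug-404", patterns)
    if PROD_404_MARKER in body:
        return Finding(url, "django-404")
    return Finding(url, "other")


def debug_pages(responses) -> list:
    """Return only the findings where DEBUG mode is exposed (the ones to fix first)."""
    return [classify_response(*r) for r in responses
            if classify_response(*r).verdict == "django-debug-404"]


# Constructed sample responses, not real captures.
SAMPLE_RESPONSES = [
    ("https://dev.example.com/", 404,
     "<title>Page not found at /</title><h1>Page not found <small>(404)</small></h1>"
     "<p>Using the URLconf defined in <code>mysite.urls</code>, Django tried these URL "
     "patterns, in this order:</p><ol><li><code>admin/</code></li><li><code>api/v1/</code>"
     "</li></ol><p>You're seeing this error because you have <code>DEBUG = True</code> "
     "in your Django settings file.</p>"),
    ("https://www.example.com/", 404,
     "<h1>Not Found</h1><p>The requested resource was not found on this server.</p>"),
    ("https://static.example.com/", 200, "<html>ok</html>"),
]
```

Running `debug_pages(SAMPLE_RESPONSES)` flags only the dev host and shows that its debug page discloses the `admin/` and `api/v1/` routes, which is the cue to set DEBUG = False there.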
Here it goes:
Suppose we assume the target name is example.com, where everything is in scope, like this: