Network Information Security Attack and Defense Learning Platform HackingLab Comprehensive Pass (Question 2)

Score: 350
Challenge: Not SQL Injection


When the challenge is opened it shows "Login Brute Force". Thinking it was a brute-force problem, I ran a dictionary against the login with no result. Scanning it instead turned up the weak credentials test:test.


The key is displayed on the admin page. Scanning for an admin backend with Yujian finds nothing, but it does find robots.txt (it is worth adding this path to the Yujian dictionary, since it comes up so often).

User-agent: *
Disallow: /myadminroot/



Opening it requires being logged in as admin, but the admin password cannot be recovered from the front end. The only option left is to make the page believe that the logged-in user is admin.

Two methods work:

With Burp, send the login POST with the username admin once (the password check fails), then change the request path to /myadminroot and send it again.



The same can be done directly in the browser, ignoring the error shown after the login attempt:



Chrome simply keeps this session; some browsers may redirect again automatically, but the page still flashes by in between, and it can also be seen in a packet capture.

Later I saw the relevant code, and the reason is that the backend never verified whether the login had succeeded; it only checked the privileges of the user recorded in the session. So the session from the failed login attempt is kept, the backend address is requested with it, and the page opens.
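As an added illustration of the flaw described above (not code from the original writeup or from the HackingLab platform), the following Python models a login handler that records the username in the session before the password is checked, next to a corrected handler that only marks the session as authenticated after a successful check. The credential store, the salted-hash scheme and the KEY value are constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed credential store for the demo; the real platform's users and
# passwords are unknown. Passwords are stored as PBKDF2-SHA256 hashes (assumption).
_SALT = b"constructed-static-salt"


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


USERS = {
    "test": _hash("test", _SALT),                  # weak account from the writeup
    "admin": _hash(secrets.token_hex(16), _SALT),  # admin password is unknown
}
KEY = "KEY{placeholder-not-the-real-key}"          # placeholder, not the real key


def verify_password(username: str, password: str) -> bool:
    stored = USERS.get(username)
    if stored is None:
        return False
    return hmac.compare_digest(stored, _hash(password, _SALT))


# --- Vulnerable version: models the behaviour the writeup describes ---

def login_vulnerable(session: dict, username: str, password: str) -> bool:
    # BUG: the username is written into the session BEFORE the password is
    # checked, so a failed login still leaves session["user"] == "admin".
    session["user"] = username
    return verify_password(username, password)


def admin_page_vulnerable(session: dict) -> str:
    # Only checks WHO the session claims to be, never whether they authenticated.
    if session.get("user") == "admin":
        return KEY
    return "403 Forbidden"


# --- Fixed version ---

def login_fixed(session: dict, username: str, password: str) -> bool:
    if not verify_password(username, password):
        session.clear()      # a failed attempt leaves nothing in the session
        return False
    session.clear()          # new identity, fresh session state
    session["user"] = username
    session["authenticated"] = True
    return True


def admin_page_fixed(session: dict) -> str:
    # Require both an authenticated session AND the admin identity.
    if session.get("authenticated") is True and session.get("user") == "admin":
        return KEY
    return "403 Forbidden"


def demo():
    # Replays the writeup's sequence against both versions: log in as admin
    # with a wrong password, then request the admin page with the same session.
    vuln, fixed = {}, {}
    login_vulnerable(vuln, "admin", "wrong-password")
    login_fixed(fixed, "admin", "wrong-password")
    return admin_page_vulnerable(vuln), admin_page_fixed(fixed)


if __name__ == "__main__":
    print(demo())  # vulnerable version hands out KEY, fixed version returns 403
```

The point of the fixed handler is that authorization (is this user admin?) is only meaningful after authentication (did this user prove who they are?) has been recorded, and that a failed login must not leave any identity in the session at all.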


Origin blog.csdn.net/liushulin183/article/details/79041549