Exfiltrated pg walkthrough Easy
Port 80 has weak credentials: admin / admin
Found a CMS, searched for an exploit, and found a vulnerability:
https://www.exploit-db.com/exploits/49876
Found the sensitive database password and user:
╔══════════╣ Searching passwords in config PHP files
/var/www/html/subrion/includes/api/storage.php: return ($member && $member['password'] == $iaUsers->encodePassword($client_secret));
/var/www/html/subrion/includes/classes/ia.core.config.php: const TYPE_PASSWORD = 'password';
/var/www/html/subrion/includes/config.inc.php:define('INTELLI_DBUSER', 'subrionuser');
Next comes privilege escalation; there is a known vulnerability, so escalate with it directly:
https://www.exploit-db.com/exploits/50911