misc

If website show old TLS error , configure firefox https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwipwdzdkNb9AhXbU2wGHU3hAOYQFnoECBsQAw&url=https%3A%2F%2Fpucit.edu.pk%2Fenable-tls-1-0%2F&usg=AOvVaw0peD1hJP6VTG6F8LxsEr-w
Login bypass in .php page
- Some time in login.php , password can be bypass
  - intercept the request in burp
  - suppose post rqst parameter is
    username=admin&password=admin
  - change to username=admin&password[]=
  - auth bypass successful
- this happen if , developer code like this
  - if(strcmp($_REQUEST['password'], $password) == 0)
Cred in config-db.php if phpmyadmin is there
- find phpmyadmin dir after shell. in there look for config-db.php file which credential that can be used with other user

Last updated 1 year ago