File tree Expand file tree Collapse file tree 1 file changed +7
-6
lines changed Expand file tree Collapse file tree 1 file changed +7
-6
lines changed Original file line number Diff line number Diff line change @@ -35,12 +35,13 @@ Have some fun! There might be multiple ways to get user access.
3535 Seems good.
3636 - Visit `http://<TARGET_IP>/content/` on browser.
3737 - `gobuster dir -u http://<TARGET_IP>/content/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt`
38- - /images (Status: 301)
39- /js (Status: 301)
40- /inc (Status: 301)
41- /as (Status: 301)
42- /_themes (Status: 301)
43- /attachment (Status: 301)
38+ - /images (Status: 301)
39+ /js (Status: 301)
40+ /inc (Status: 301)
41+ /as (Status: 301)
42+ /_themes (Status: 301)
43+ /attachment (Status: 301)
44+
4445 Interesting...
4546 - In `http://<TARGET_IP>/content/inc` there is `mysql\_backup` folder. Download the .sql file inside.
4647 - Open it with or something similar. You should read a line with a passwd header and the a hashed value.
You can’t perform that action at this time.
0 commit comments