misc
- If website show old TLS error , configure firefox
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwipwdzdkNb9AhXbU2wGHU3hAOYQFnoECBsQAw&url=https%3A%2F%2Fpucit.edu.pk%2Fenable-tls-1-0%2F&usg=AOvVaw0peD1hJP6VTG6F8LxsEr-w
Login bypass in .php page
- Some time in login.php , password can be bypass
- intercept the request in burp
- suppose post rqst parameter is
- username=admin&password=admin
- change to username=admin&password[]=
- auth bypass successful
- this happen if , developer code like this
- if(strcmp($_REQUEST['password'], $password) == 0)
- Some time in login.php , password can be bypass
Cred in config-db.php if phpmyadmin is there
- find phpmyadmin dir after shell. in there look for config-db.php file which credential that can be used with other user
