Gaining phpMyAdmin Access

Опубликовано: 01 Январь 1970
на канале: VISTA InfoSec

5,972

Gaining access using vulnerable application could lead to compromise of the systems. Likewise here we take advantage of one vulnerability and gain access to the entire webserver. We identify the services running on the system and start enumerating these services. Further we check for known vulnerabilities and their exploits, which could compromise the system in gaining a shell to the system. Once a shell is accessible, it’s upon us for further attacks or post exploitation of the system.

However our aim is to get authorised access to the system using their own set credential for phpMyAdmin. Firstly, we use their credentials since if the logs are monitored it will display logins from the authorised accounts. Secondly, creating another user may indicate a red flag and will lead to identify the system has already been compromised. Hiding our anonymity this way would lead them to consider that the credentials had been compromised and they may change their password at most. Which hides our way into the system.

Stay Connected
🐥Twitter:   / vistainfosec
🛄 Linkedln:   / vista.  .
👍 Facebook:   / vistainfosec

More Free Resources
Blog: https://www.vistainfosec.com/blog/
Webinars: https:https://www.vistainfosec.com/webinar.php
Videos: https://www.vistainfosec.com/media-vi...

About Us
Established in 2004, VISTA InfoSec is involved from Day one in providing vendor-neutral consulting services in the areas of Information Risk Compliance and Infrastructure Advisory Services. Vista Infosec most commonly provides advice on SOC 1, SOC 2, PCI DSS, HIPAA, HITRUST, GDPR, ISO 27001. Having offices in Mumbai, Singapore, USA and offering services to clients all over the world.

For more about Vista InfoSec: https://www.vistainfosec.com/
Contact us today: https://www.vistainfosec.com/contact-...
Phone Number: +91 99872 44769
Email: [email protected]