Record phpmyadmin penetration tips

The following phpmyadmin tutorial column will introduce you to phpmyadmin penetration tips. I hope it will be helpful to friends in need!

##Just record it for yourself, if you all Don’t dislike it when you see it

Some website building software or fool-like building software phpmyadmin often uses ports 888 and 999

<br>

We can try to use nikto to detect the corresponding unauthorized Vulnerability

<br>nikto -host http://Test domain name address: 999/

setup This directory is sometimes not closed by the administrator because the default installation has great hidden dangers. Ha Cha Cha can also Using

we can directly operate without authorization. We can directly create a new server

<br>

We can also obtain cached sensitive information when authenticating the page

If you enter phpmyadmin, there are still many vulnerabilities that can be exploited (you can reproduce them yourself)

<br>

Tips: Query all directories with directory characteristics at once Let us judge the path more conveniently

show variables like "%dir%";

<br>

The above is the detailed content of Record phpmyadmin penetration tips. For more information, please follow other related articles on the PHP Chinese website!