we have lfi
work
there have a db.php
we can use
and we have sql cred
on news DB, we can see some cred
crackstation show us some cracked hash rsmith:IHateEric2
rsmith:IHateEric2
work!
we can write output file
get a beacon
since we are system user on labdc, we can dump KRBTGT user hash and create golden ticket with mimikatz
Last updated 1 year ago
php://filter/convert.base64-encode/resource=C:\xampp\htdocs\dev\db.php