Author Topic: Access website through admin user + pass (Read 269 times)

OneHappyTaco · « **on:** February 01, 2013, 08:50:37 pm »

I have just finished some sql injection on a site and have discovered a user and password for the administrator. I do not intend to deface the website or mess with it in any way. This was simply a test and the only results to a test, are fail or succeed. Now since I have discovered the user and password but there is no login at all in the site...
So my question is, how do admins access their sites with no login?

A3MIRAL · « **Reply #1 on:** February 01, 2013, 08:52:20 pm »

Depends what the account is for? Port scan could reveal FTP, SSH, those are most likely options

grinch · « **Reply #2 on:** February 01, 2013, 08:53:35 pm »

u need to figure out what you have. Is the the sql root password? Is it the admin pass for the websites control panel? is it the ftp login to the site to add or remove .html files? Could be ssh credentials

OneHappyTaco · « **Reply #3 on:** February 01, 2013, 08:56:38 pm »

That's what i thought at first, but then I scanned with nmap and the only two ports open were
443
80
LOL *facepalm*

iNinjas

Author Topic: Access website through admin user + pass (Read 269 times)

OneHappyTaco

Access website through admin user + pass

A3MIRAL

Re: Access website through admin user + pass

grinch

Re: Access website through admin user + pass

OneHappyTaco

Re: Access website through admin user + pass