|
|
|
|
|
|
by qingcharles
1000 days ago
|
|
|
I rooted a major web hosting provider back in the early 2000s by uploading a web shell as a profile pic (they weren't checking pictures were image files). Once I was in it didn't take long from rummaging around in the files to first find the database credentials in a config file, then eventually finding the root password to their servers, which in fact was simply "internet" o_O I was a nice guy so I sent them an email with their passwords and told them they might want to upgrade their forum software. |
|
|