@drUIdmoz said:
okay this config file- I don’t know where you guys are finding a password in plain text; I’ve looked through enum scrips; did lots of manual enum; like lots and lots of manual enum… grepped everything for ‘pass’ or ‘password’ also; find / -name “config”/“password” etc etc… went back to my nmap… looked through all the directories disallowed… i’m just like… lost where is this plain text password… someone said it was straight forward… O.o …I can’t tunnel without some ssh cred action… used curl to check out the H2… but I can’t do anything with it.
…atleast from my current understanding… help guys?
I hope this isn’t to much of a spoiler. But maybe you should check where the config settings are stored for the CMS this server is running.