Tags: web misconfiguration

Rating: 5.0

After we started searching, we found 2 entry points and a robots file:

/urlcapture.php

/robots.txt

robots.txt is set to disallow web crawlers from /server-status.

Let's take a look at /urlcapture.php: this entry point captures a URL and converts it to a PNG.
Let's capture:

http://localhost/server-status

and we see the server-status page.

If you look closely at the requests to the server shown there, you can find a request with root credentials.

![](https://user-images.githubusercontent.com/83348650/133912931-9d9c819e-3452-48d0-ab4a-9c3cb45ca492.png)