Tags: web misconfiguration 

Rating: 5.0

After some initial enumeration we found two entry points and a robots.txt file:

robots.txt disallows web crawlers from /server-status, which tells us the Apache mod_status page exists on this host even though it is not linked anywhere.

Let's take a look at /urlcapture.php: this entry point fetches a URL and renders it to a PNG. The fetch is made by the server itself, so we can point it at http://127.0.0.1/server-status.
Let's capture:
and we get a screenshot of the server-status page, a page that is normally only served to requests coming from the local machine.

If you look closely at the request column of the status table, one of the logged requests carries root credentials in its URL.
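As an added example (not part of the original writeup), the following Python script pulls credential-bearing request lines out of the text of an Apache mod_status page, so the same check can be run over a saved copy of the page instead of squinting at a screenshot. The status table, the parameter names and the credential values in it are constructed for illustration; the list of parameter names treated as credentials is an assumption you would tune per target.

```python
"""Find requests that leak credentials in an Apache mod_status page.

Added example, not code from the original writeup. SAMPLE_STATUS is a
constructed status table; the hosts, paths, parameter names and values
in it are invented.
"""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample of the extended-status table rendered as text. With
# ExtendedStatus On, the 'Request' column shows the full request line,
# query string included, which is where credentials end up.
SAMPLE_STATUS = """\
Srv PID Acc M CPU SS Req Conn Child Slot Client Protocol VHost Request
0-0 1234 0/12/12 _ 0.01 3 0 0.0 0.00 0.00 127.0.0.1 http/1.1 localhost:80 GET /server-status HTTP/1.1
1-0 1235 0/40/40 W 0.05 0 1 0.0 0.01 0.01 10.0.0.7 http/1.1 localhost:80 POST /admin.php?username=root&password=s3cr3t HTTP/1.1
2-0 1236 0/3/3 K 0.00 1 0 0.0 0.00 0.00 10.0.0.9 http/1.1 localhost:80 GET /urlcapture.php?url=http://127.0.0.1/server-status HTTP/1.1
"""

# Matches "<METHOD> <target> HTTP/x.y" anywhere on a line; the target is
# everything up to the next whitespace, so query strings are kept intact.
REQUEST_LINE = re.compile(
    r"\b(GET|POST|PUT|DELETE|HEAD|OPTIONS|PATCH)\s+(\S+)\s+HTTP/\d(?:\.\d)?"
)

# Assumed list of query parameter names worth flagging as credentials.
CRED_PARAMS = {
    "user", "username", "login", "pass", "password", "passwd", "pwd",
    "token", "key", "secret", "auth",
}


def extract_requests(status_text):
    """Return (method, target) tuples for every request line in the page."""
    return [(m.group(1), m.group(2)) for m in REQUEST_LINE.finditer(status_text)]


def find_credentials(status_text):
    """Return one dict per request whose query string carries credential-looking
    parameters: {"method": ..., "path": ..., "params": {name: value}}."""
    hits = []
    for method, target in extract_requests(status_text):
        parts = urlsplit(target)
        query = parse_qs(parts.query, keep_blank_values=True)
        leaked = {k: v[0] for k, v in query.items() if k.lower() in CRED_PARAMS}
        if leaked:
            hits.append({"method": method, "path": parts.path, "params": leaked})
    return hits


if __name__ == "__main__":
    for hit in find_credentials(SAMPLE_STATUS):
        print(hit["method"], hit["path"], hit["params"])
```

Run it against a saved copy of the status page (or the OCR'd text of the screenshot) by replacing SAMPLE_STATUS; the third sample row shows that the capture request itself is logged too, so the SSRF leaves a trace in the same table it is used to read.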


Let's try these credentials on /admin.php.