↓Skip to main content

MYSQL

OFFSEC - Proving Grounds - SNOOKUMS

27 July 2025·2363 words·12 mins

OFFSEC PG PRACTICE MYSQL OPENSSL

PHP Gallery v0.8 has a RFI flaw. Use PHP shell, get michael’s MySQL creds, SSH in, find writable /etc/passwd via linpeas, set root password with OpenSSL and gain root.

OFFSEC - Proving Grounds - APEX

20 July 2025·2786 words·14 mins

OFFSEC PG PRACTICE OPENEMR MYSQL FILEMANAGER GOBUSTER

Exploit filemanager vuln on port 80 for OpenEMR SQL creds. Login to MySQL, get admin hash for app access. Use app exploit for initial access, reuse password for root escalation.