When I arrived at the Japanese site, I found that HtAdmin was installed.
User-agent: * Disallow:/admin_xxx/Disallow:/grxh/Disallow:/x/Disallow:/HTAdmin/Disallow:/xid/Disallow:/pex_xx/Disallow:/ex_txxt/
~ Google will see the following instructions on the official website:
Basic and simple PHP tool for administrating Apache. htpasswd files.
To put it bluntly, it is a php script for managing Apache htpasswd and htaccess files.
After the download, the default username and password are set up locally in config. php: admin/password.
Log on to the target site for testing.
There is user information for directory management settings ~ Use md5 or DES to encrypt the password ~ DES ~ for the target site ~
Similar to kokushi: 53Ce4. wXlRPQs: The ciphertext can be cracked by John ~
Open a ps.txt file in the directory from bt4to johnand copy the ciphertext to execute john ps.txt.
It's really face-saving ~ It broke in 1 second ~
Switch directly to the Administrator directory and use the cracked password and login ~ In addition, you can also use this SSH, FTP ~ And Rsync ~ High success rate ~~ The next intrusion process is not the end point ~