A penetration test by CCID exposes many security problems.

Source: Internet
Author: User

Details determine everything! As the old rule goes, the main content is in the proof. Personally, I think whether a penetration succeeds or not comes down to the details!

0x001 Scan

Scanned! I locked onto the substation at http://goldpen.ccidnet.com and scanned it with dirbuster, which found a .bash_history file. This file holds the history of commands that have been run on the command line. I didn't think much of it at first, but then I was shocked: it contained MySQL operation information, and the root password was leaked! So careless ~ But having the password was useless for now: the database could not be connected to from outside, and there was no injection point on the site ~ An email address was also displayed. Noted!

0x002 Crack the background password

Dirbuster also scanned out admin. Weak password admin? ~ Then I thought of the email address I had seen ~ could the server administrator also be the background administrator? Using that account as the background user, I tried to guess the password. The password obtained was 123123. Successfully entered the background!

0x003 Get server permissions

An old version of FCKeditor was found in the background! It lets you upload any file. Got a webshell ~ We found that someone had already uploaded a webshell here! Running the id command showed the root account!

This server and the main site's server are in the same class C segment, so further penetration would be possible ~ but I did not go deeper! The penetration ends here! PS: This penetration was not malicious! Please forgive me ~

Solution:
1. Change the MySQL password and delete the sensitive files mentioned above.
2. Delete or upgrade the FCKeditor program.
3. Raise administrator security awareness and change the administrator password.
4. Do not open the backend to the public, or restrict access by IP address.
5. Isolate or downgrade web permissions.
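A defender-side check for the .bash_history leak in 0x001 and for item 1 of the solution, written as an added example (not code from the original writeup): it walks a web document root, flags dotfiles that directory brute-forcers request, and reports history lines that pass a MySQL password on the command line, with the secret masked. The sensitive-name list, the temporary webroot and the sample history contents are constructed for the demonstration.

```python
"""Audit a web document root for files a directory brute-forcer will find.
Added example, not part of the original writeup: flags shell history and other
dotfiles under the web root and reports history lines that pass a MySQL
password on the command line (the leak described above). All paths and
sample file contents are constructed for the demonstration."""
import os
import re
import tempfile

# Dotfiles routinely requested by tools such as dirbuster (assumed list).
SENSITIVE_NAMES = {".bash_history", ".mysql_history", ".env", ".git", ".svn", ".htpasswd"}

# mysql invocations with the password inline: "-psecret" or "--password=secret".
# A bare "-p" (interactive prompt) is not matched, nor is "--port".
MYSQL_PW_RE = re.compile(r"\bmysql\b.*?\s(?:--password=(\S+)|-p(\S+))")

def find_sensitive_files(webroot):
    """Return sorted paths (relative to webroot) of sensitive dotfiles/dirs."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(webroot):
        for name in dirnames + filenames:
            if name in SENSITIVE_NAMES:
                hits.append(os.path.relpath(os.path.join(dirpath, name), webroot))
    return sorted(hits)

def inline_db_passwords(history_path):
    """Return (line_no, line) for history lines carrying a MySQL password.
    The secret is masked so the audit report does not re-leak it."""
    findings = []
    with open(history_path, encoding="utf-8", errors="replace") as fh:
        for no, line in enumerate(fh, 1):
            m = MYSQL_PW_RE.search(line)
            if m:
                secret = m.group(1) or m.group(2)
                findings.append((no, line.strip().replace(secret, "***")))
    return findings

def build_demo_webroot():
    """Create a throwaway webroot with a constructed .bash_history and .git dir."""
    root = tempfile.mkdtemp(prefix="webroot_")
    os.makedirs(os.path.join(root, ".git"))
    with open(os.path.join(root, ".bash_history"), "w") as fh:
        fh.write("ls -la\nmysql -u root -p\nmysql -u root -pS3cretPw goldpen_db\nexit\n")
    return root

if __name__ == "__main__":
    root = build_demo_webroot()
    for rel in find_sensitive_files(root):
        print("exposed:", rel)
        if rel.endswith("_history"):
            for no, text in inline_db_passwords(os.path.join(root, rel)):
                print(f"  line {no}: {text}")
```

Run it against the real document root instead of the demo directory; any hit from find_sensitive_files means the web server is serving a file it should deny, independently of what the file contains.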
