Use apmserv to build a site and use the default configuration to win server Permissions
The default configuration of apmserv is incorrect. If it is light, the directory content is exposed and the database is viewed. If it is heavy, the upload shell directly obtains the server 3389 permission and Baidu searches for "Index of Apache/2.2.9 (APMServ) mod_ssl/2.2.9 OpenSSL/0.9.8h PHP/5.2.6"
Many websites can be found, but not all webmasters are too stupid to directly use the mysql root Password...
I can find a lot in one day. Use this site to describe:
Http://shop.np5.com/
By default, apmserv lists directories. If there is no index file, for example:
Followed by phpmyadmin
Http://shop.np5.com/phpmyadmin/
With a blank password, you can log on directly to all databases at a glance. The next thing is to get the server permissions.
Upload the shell first. You need to know the installation directory of apmserv. This depends on the character. If the Administrator has not changed anything, the default configuration is used. That's easy,
Ping shop.np5.com
PING shop.np5.com (58.64.163.118): 56 data bytes
Ip Address: 58.64.163.118 open:
Then execute SQL in phpmyadmin to generate a sentence
After the execution is complete, 1234.php is generated.
What should I do later.
Http://shop.np5.com/phpmyadmin
Log on directly
Solution:
Solution: The administrator needs to learn more about the solution.