How to Bypass Symlink in Apache Server - EPS-BLOG


Blog Teknologi Informasi


Minggu, 19 Juli 2020

How to Bypass Symlink in Apache Server

Welcome back to my fcking tutorial.
Im here to share to you how to Bypass Symlink in Apache Server.

Ok , in here you must have webshell access first , and there access have Apache server.

Ok , If you have the access lets go to the Proof of Concept:

In here i have the webshell Apache/2.4.25 server.
and path /var/www/clients/clients1337/

So lets try the Symlink:
First you must have Con7ext Shell for tools Bypass Vhost.
For example tools lets see the pict.

Ok lets click the "Bypass Vhosts"

After that click Bypass it

and open in new tab after succesfuly.

If the root path opened you succesfuly Bypass the Symlink , lets see my pict

Gotcha , lets grab the config!

Go to path the Symlink website , and check the CMS your Symlink website.

In here im have the WordPress CMS.

For grab the config WordPress CMS im use the command

ln -s /var/www/clients/clientsite/wp-config.php conf.txt

You can edit like your target Symlink path!

In here im use Auto Grabber in Con7ext Shell tools , im use Symlink404 tools.

So lets grab!

Put your config path in File Target:

Save as rename whatever do you want , and dont forget to put .txt in last name conf

After that click the "Eksekusi Gan"

So , open the result in new tab!

And BOOM! Symlink config grabbed!

Ok if you like this please share to your Friends

If you not understand you can ask in comment form!


3 komentar: