… you are asking for trouble. I learned this valuable lesson past weekend. You need to protect your phpMyAdmin folder from outside world or you are asking for trouble.
I went to a conference about security called Hackintosh, where we had a competitive event called ‘Capture the Flag’. The event was structured like a game and consisted of 10 different levels. At each level, you have to solve a problem by hacking into a sample application using some vulnerability. Each level had problems in increasing order of complexity and most of them were very interesting.
After about 4 levels, I found out that the phpMyAdmin folder of the server, in which the event site was hosted, was public. I logged into the database (it didn’t asked me for the password) and updated the level column corresponding to my username row to 10. That’s it, I conquered the flag. In the end, I ended up hacking the Hackintosh 😉
Jokes apart, the valuable lesson I learned from this event is that you should never leave the phpMyAdmin folder (if installed) open. You can do the following instead.
- Totally get away with phpMyAdmin and connect to the database using port forwarding in PuTTY.
- If you cannot get away with phpMyAdmin, then at least password protect the folder and database access.
- If you cannot password protect the folder at least rename it. (Not recommended at all)
So do you still have your phpMyAdmin folder open? 🙂
Great hack. Congratulations on *hacking* all the flags! You have learned the priceless lesson.
Let me go into a big more details of your hack, as it highlights the importance of fingerprinting: when performing a formal pentesting, it is crucial to have a clear picture of the entire site, including installed applications, location, version etc.
Take phpMyAdmin for example, it is a very good bet to look for phpMyAdmin to break into the site when you are conducting a small-medium sized website. However, you need to figure out its path, there are couple ways for doing it: google hack, guess – base upon experience or learned information, bruteforce, learn it from page sources etc. (Note: the path is case sensitive on Linux, on phpmyadmin != phpMyAdmin) Once you figured out the path, then you will need to break into the it, by either applying known vulnerabilities (base upon its version), or attack its weak configuration. And hey, don’t forget phpMyAdmin (as well other open source apps) are open source, which means you own their source code, so?….you know what I meant 🙂
Again, thanks for attending hackintosh and I wished you enjoyed the presentations & ctf. It would be great if you can send me some feedback of how you thought about the event and what can be improved.
Thanks!
@InfySEC Staff,
Thanks for the event. Yes the *lesson* learned was priceless 🙂
Will send a mail to you guys with my feedback. BTW is it possible to get copies of the presentation which were made during the event?
can i hv ur chat id sudarmuthu.thanks
vino
@Vino,
Sure 🙂
Send you an email with my details.
This is very interesting, i never knew there are such practical events based on hacking, it must be great. Hacking seem to be a good field.
Hi Mayur. Check out our new upcoming hackEDGE 2010 – 2 Days Ethical Hacking Hands-On Practical Workshop program in Chennai, TamilNadu.
http://www.infysec.com/events/hackedge/
Thanks!
Hello
Im Kevin 🙂 I won the same hacking ctf held @ ssn by completing 5 levels .
The prize was a laptop 😀 .
Can u make a tutorial or something on how to do this in a detailed manner ? 🙂
I like to learn stuff .
I googled a lot but couldnt get a proper answer 🙁 .
It’d be nice if you could do it 🙂
Thank You .
Nice Website !
Good Luck !!