DB
Although there isn’t any SQL service running in the background according to the enumeration made, I found a configuration file.
www-data@friendzone:/var/www$ ll ll
total 36K
4.0k drwxr-xr-x 2 root root 4.0k sep 13 17:53 friendzoneportaladmin
4.0k drwxr-xr-x 4 root root 4.0k sep 13 17:53 friendzone
4.0k drwxr-xr-x 3 root root 4.0k sep 13 17:53 admin
4.0k drwxr-xr-x 12 root root 4.0k sep 13 17:53 ..
4.0k drwxr-xr-x 2 root root 4.0k sep 13 17:53 friendzoneportal
4.0k drwxr-xr-x 8 root root 4.0k sep 13 17:53 .
4.0k drwxr-xr-x 3 root root 4.0k sep 13 17:53 uploads
4.0k drwxr-xr-x 3 root root 4.0k sep 13 17:53 html
4.0K -rw-r--r-- 1 root root 116 Oct 6 2018 mysql_data.confmysql_data.conf is the configuration file for DB
www-data@friendzone:/var/www$ cat mysql_data.conf
for development process this is the mysql creds for user friend
db_user=friend
db_pass=Agpyu12!0.213$
db_name=FZThe file contains a CLEARTEXT credential. The DB username matches the system username Password reuse?