READ Source code & binary

In order to have a quick win, you should read the source code for

Services 
1. Web site(s) files (source codes) that you have just exploited. 
2. Configuration files: 
      Apache
            /etc/httpd/conf 
            /etc/httpd/conf/httpd.conf 
            /etc/apache2/httpd.conf
            /etc/apache2/apache2.conf
      Nginx
            /etc/nginx
            /usr/local/nginx/conf
            /usr/local/etc/nginx
      php
            check with phpinfo() 
3. Database that the web site is connected. 
4. Home directory for the user that you have currently logged in. 
5. Any other locations such as /var/log /var/backups, etc.

PreviousQuick win - Sudo -l NextLocal Enumeration Tools

Last updated 2 years ago