VulnHub - GameOver vm - Hackademic_Challenges - challenge 009

This one took me a while to get done, as Nikto send me on a lot of while goose chases, with the results.

I created a new User Agent to include the shell (from the description):



,which was uploaded as prwtoftyari.gr and noticed in my BurpSuie the 'adminpanel.php' link:








The logon information was in a file called:
sUpErDuPErL33T.txt

Top Secret Information:
---------------------------------------
username: Admin
password: teh_n1nj4_pwn3r
email : admin@prwtoftyari.gr
---------------------------------------