osTicket
osticket is an open-source ticketing system. It is written in PHP and uses a MySQL database as the backend.
- GitHub (3.0k β)
- Documentation (βͺ)
π You can identify osTicket from the OSTSESSID
cookie.
As a pentester, compromising a ticketing platform is often handy.
-
π We may gain access to valid emails, either to access company-only platforms or perform social attacks
-
π΅ We may gain access to sensitive information
-
π« We may find usernames for other attacks
-
π We may be able to create users