主机层面扫描: ╰─ nmap -p1-65535 -sV -A 10.10.202.135Starting Nmap 7.70 ( https://nmap.org ) at 2019-08-09 14:58 CSTNmap scan report for 10.10.202.135Host is up (0.0012s latency).Not shown: 65516 closed portsPORT STATE SERVICE VERSION21/tcp open ftp vsftpd…

镜像下载地址: https://www.vulnhub.com/entry/lampsecurity-ctf6,85/ 主机扫描: ╰─ nmap -p- -sV -oA scan 10.10.202.130Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-21 08:57 CSTNmap scan report for 10.10.202.130Host is up (0.0029s latency).Not shown: 65525 clo…

靶机地址: https://www.vulnhub.com/entry/hacker-fest-2019,378/ 主机扫描: FTP尝试匿名登录 应该是WordPress的站点 进行目录扫描: python3 dirsearch.py http://10.10.203.17/ -e html,json,php 此外还有一个phpmyadmin http://10.10.203.17/phpmyadmin/index.php 使用wpscan扫描检测插件漏洞 wpscan --url http:…

下载地址: https://www.vulnhub.com/entry/ha-infinity-stones,366/ 主机扫描: 目录枚举 我们按照密码规则生成字典:gam,%%@@2012 crunch 12 12 -t gam,%%@@2012 -o dict.txt ╰─ aircrack-ng -w dict.txt reality.cap gamA00fe2012 http://10.10.202.134/gamA00fe2012/realitystone.txt REALITYST…

靶机下载: https://www.vulnhub.com/entry/grimtheripper-1,350/ 主机层面端口扫描: ╰─ nmap -p1-65535 -A 10.10.202.153Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-02 11:19 CSTNmap scan report for 10.10.202.153Host is up (0.0024s latency).Not shown: 65533 closed…

靶机链接: https://www.vulnhub.com/entry/ha-chanakya,395/ 网络主机探测: 主机端口扫描: nmap -p- -sC -sV 10.10.202.136 FTP 有认证 HTTP目录枚举(dirb和dirsearch 多种工具使用枚举) dirb http://10.10.202.136 -X .php,.txt,.html,.xml,.yml,.json ---- Scanning URL: http://10.10.202.136/ ----+…

0x01 前言 MERCY是一个致力于PWK课程安全的靶机系统.MERCY是一款游戏名称,与易受攻击的靶机名称无关.本次实验是攻击目标靶机获取root权限并读系统目录中的proof.txt信息 靶机的下载地址: https://drive.google.com/uc?id=1YzsW1lCKjo_WEr6Pk511DXQBFyMMR14y&export=download(注意确认下载镜像中MERCY.mf的sha256值是否正确) 0x02 信息收集 1.存活主机扫描 root@kali2018…

下载地址: https://www.vulnhub.com/entry/ha-joker,379/ 主机扫描: ╰─ nmap -p- -sV -oA scan 10.10.202.132Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-23 11:53 CSTNmap scan report for 10.10.202.132Host is up (0.0014s latency).Not shown: 65532 closed portsP…

下载地址: https://www.vulnhub.com/entry/ha-isro,376/ 主机扫描: ╰─ nmap -p- -sV -oA scan 10.10.202.131Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-21 17:09 CSTNmap scan report for 10.10.202.131Host is up (0.0038s latency).Not shown: 65532 closed portsPO…

镜像下载链接: https://www.vulnhub.com/entry/dc-8,367/#download 主机扫描: http://10.10.202.131/?nid=2%27 http://10.10.202.131/?nid=2%20and%201=2 # false http://10.10.202.131/?nid=2%20and%201=1 # true http://10.10.202.131/?nid=-2+union+select++(CONCAT_WS(0x203a2…