vulnhub - Geisha】的更多相关文章

目录 wakanda: 1 0. Description 1. flag1.txt 2. flag2.txt 3. flag3.txt Finished Tips Basic Pentesting: 2 0. Description 1. hydra user 2. john user 3. sudo user Finished Tips wakanda: 1 download url : https://download.vulnhub.com/wakanda/wakanda-1.ova 0.…
1.靶机信息 下载链接 https://download.vulnhub.com/breach/Breach-1.0.zip 靶机说明 Breach1.0是一个难度为初级到中级的BooT2Root/CTF挑战. VM虚机配置有静态IP地址(192.168.110.140),需要将虚拟机网卡设置为host-only方式组网.非常感谢 Knightmare和rastamouse进行测试和提供反馈.作者期待大家写出文章,特别是通过非预期的方式获取root权限. 目标 Boot to root:获得ro…
下载地址: https://www.vulnhub.com/entry/ha-joker,379/ 主机扫描: ╰─ nmap -p- -sV -oA scan 10.10.202.132Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-23 11:53 CSTNmap scan report for 10.10.202.132Host is up (0.0014s latency).Not shown: 65532 closed portsP…
下载地址: https://www.vulnhub.com/entry/ha-isro,376/ 主机扫描: ╰─ nmap -p- -sV -oA scan 10.10.202.131Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-21 17:09 CSTNmap scan report for 10.10.202.131Host is up (0.0038s latency).Not shown: 65532 closed portsPO…
镜像下载地址: https://www.vulnhub.com/entry/lampsecurity-ctf6,85/ 主机扫描: ╰─ nmap -p- -sV -oA scan 10.10.202.130Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-21 08:57 CSTNmap scan report for 10.10.202.130Host is up (0.0029s latency).Not shown: 65525 clo…
靶机地址: https://www.vulnhub.com/entry/hacker-fest-2019,378/ 主机扫描: FTP尝试匿名登录 应该是WordPress的站点 进行目录扫描: python3 dirsearch.py http://10.10.203.17/ -e html,json,php 此外还有一个phpmyadmin http://10.10.203.17/phpmyadmin/index.php 使用wpscan扫描检测插件漏洞 wpscan --url http:…
镜像下载链接: https://www.vulnhub.com/entry/dc-8,367/#download 主机扫描: http://10.10.202.131/?nid=2%27 http://10.10.202.131/?nid=2%20and%201=2 # false http://10.10.202.131/?nid=2%20and%201=1 # true http://10.10.202.131/?nid=-2+union+select++(CONCAT_WS(0x203a2…
下载地址: https://www.vulnhub.com/entry/ha-infinity-stones,366/ 主机扫描: 目录枚举 我们按照密码规则生成字典:gam,%%@@2012 crunch 12 12 -t gam,%%@@2012 -o dict.txt ╰─ aircrack-ng -w dict.txt reality.cap gamA00fe2012 http://10.10.202.134/gamA00fe2012/realitystone.txt REALITYST…
靶机链接: https://www.vulnhub.com/entry/sunset-nightfall,355/ 主机扫描: ╰─ nmap -p- -A 10.10.202.162Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-09 14:23 CSTNmap scan report for 10.10.202.162Host is up (0.0013s latency).Not shown: 65529 closed portsPOR…
靶机下载地址: https://www.vulnhub.com/entry/dc-7,356/ 主机扫描: http://10.10.202.161/ Google搜索下: SSH 登录 以上分析得出:此脚本是root每三分钟执行一次,并且www-data用户具有写入权限,因此需要想办法获取此权限,进行写入shell反弹即可 https://www.digitalocean.com/community/tutorials/a-beginner-s-guide-to-drush-the-drupa…