- 2023-07-02Vulnhub: EvilBox:One靶机
kali:192.168.111.111靶机:192.168.111.130信息收集端口扫描nmap-A-sC-v-sV-T5-p---script=http-enum192.168.111.130secret目录爆破feroxbuster-k-d1--urlhttp://192.168.111.130/secret/-w/opt/zidian/SecLists-2022.2/Discovery/Web-Content/directory-li
- 2023-06-21Vulnhub: Corrosion靶机
kali:192.168.111.111靶机:192.168.111.130信息收集端口扫描nmap-A-sC-v-sV-T5-p---script=http-enum192.168.111.130目录爆破blog-post目录下存在两个目录对archives目录中的randylogs.php进行测试发现存在文件包含wfuzz-c-w/opt/zidian/SecLists-2022.2/Di
- 2023-06-18Vulnhub: ICA:1靶机
kali:192.168.111.111靶机:192.168.111.130信息收集端口扫描nmap-A-sC-v-sV-T5-p---script=http-enum192.168.111.130访问目标80,发现目标CMS为qdPM9.2搜索对应漏洞发现存在信息泄露searchsploitqdpm访问192.168.111.130/core/config/databases.yml得到目标
- 2023-06-07Vulnhub: Mission-Pumpkin v1.0: PumpkinGarden靶机
kali:192.168.111.111靶机:192.168.111.130信息收集端口扫描nmap-A-sC-v-sV-T5-p---script=http-enum192.168.111.130在1515网站的img目录下的hidden_secret/目录中存在clue.txtbase64解密后得到scarecrow:5Qn@$y使用用户:scarecrow,密码:5Qn@$y,登录目标sshsshs
- 2023-05-19Vulnhub: Healthcare 1靶机
kali:192.168.111.111靶机:192.168.111.130信息收集端口扫描nmap-A-v-sV-T5-p---script=http-enum192.168.111.130目录爆破feroxbuster-k-d1--urlhttp://192.168.111.130-w/opt/zidian/SecLists-2022.2/Discovery/Web-Content/directory-list-lowercase-2.3-
- 2023-05-07Vulnhub: InfoSec Prep:OSCP靶机
kali:192.168.111.111靶机:192.168.111.130信息收集端口扫描nmap-A-v-sV-T5-p---script=http-enum192.168.111.130访问80端口下的robots.txt文件,内容提示另一个文件/secret.txtsecret.txt文件内容为base64加密的字符串,解密后发现是ssh私钥echo'LS0tLS1CRUdJTiBPU
- 2023-05-02Vulnhub:Toppo 1靶机
kali:192.168.111.111靶机:192.168.111.130信息收集端口扫描nmap-A-v-sV-T5-p---script=http-enum192.168.111.130根据nmap的脚本http-enum收集到的信息,80端口的admin目录存放有notes.txt文件,根据文件内容得到密码:12345ted123使用cewl收集目标web信息cewlhttp://
- 2023-04-15Vulnhub:Digitalword.local (FALL)靶机
kali:192.168.111.111靶机:192.168.111.130信息收集端口扫描nmap-A-v-sV-T5-p---script=http-enum192.168.111.130访问test.php,提示缺少参数漏洞利用wfuzz爆破参数wfuzz-c-w/opt/zidian/SecLists-2022.2/Discovery/Web-Content/burp-parameter-names.txt--hc