• 2024-11-20Readys pg walkthrough Intermediate
    nmap┌──(root㉿kali)-[~]└─#nmap-p--A192.168.175.166StartingNmap7.94SVN(https://nmap.org)at2024-11-2004:41UTCNmapscanreportfor192.168.175.166Hostisup(0.070slatency).Notshown:65532closedtcpports(reset)PORTSTATESERVIC
  • 2024-11-14Assignment pg walkthrough Easy 通配符提权变种
    nmap扫描┌──(root㉿kali)-[~]└─#nmap-p--A192.168.157.224StartingNmap7.94SVN(https://nmap.org)at2024-11-1404:18UTCStats:0:00:53elapsed;0hostscompleted(1up),1undergoingServiceScanServicescanTiming:About66.67%done;ETC:04:
  • 2024-11-14Zino pg walkthrough Intermediate
    nmap扫描发现smba共享文件┌──(root㉿kali)-[~]└─#nmap-p--A192.168.167.64StartingNmap7.94SVN(https://nmap.org)at2024-11-1400:33UTCStats:0:01:42elapsed;0hostscompleted(1up),1undergoingSYNStealthScanSYNStealthScanTiming:Abo
  • 2024-11-12Shiftdel walkthrough Intermediate
    点击查看代码nmap-p--A192.168.167.174StartingNmap7.94SVN(https://nmap.org)at2024-11-1200:09UTCNmapscanreportfor192.168.167.174Hostisup(0.071slatency).Notshown:65532closedtcpports(reset)PORTSTATESERVICEVERSION22/tcpop
  • 2024-11-12Cockpit pg walkthrough Intermediate
    nmap发现两个web站80和9090还有22端口dirsearch发现80端口有login.php登录界面发现没有弱口令测试sql注入测试了一会发现密码password='#就绕过了不过我没搞懂为啥就绕过了要后面拿了root权限才知道登录之后发现密码james Y2FudHRvdWNoaGh0aGlzc0A0NTUxNTI=
  • 2024-11-11Educated PG walkthrough Intermediate
    nmap扫到8022dirsearch扫描发现┌──(root㉿kali)-[~]└─#dirsearch-uhttp://192.168.167.13//usr/lib/python3/dist-packages/dirsearch/dirsearch.py:23:DeprecationWarning:pkg_resourcesisdeprecatedasanAPI.Seehttps://setuptools.pypa.io/en/latest
  • 2024-11-10law Intermediate walkthrough pg
    靶场很简单分数只有10分跟平常做的20分的中级靶场比确实简单我拿来放松的算下来30分钟解决战斗nmap扫到80端口web界面是个框架搜exphttps://www.exploit-db.com/exploits/52023他的脚本可能有点问题看不到回显我们审脚本直接看到漏洞点所在命令执行curl-s-d"sid=foo
  • 2024-11-09Groove Intermediate pg walkthrough
    80端口web站点dirsearch没发现啥有用信息感觉就是让我们突破登录框进后台的https://github.com/ChurchCRM/CRM/issues/137上网查到默认密码登录后台跟具cms查exp发现有个SQL注入payload找半天找到一个可以直接sql注入http://192.168.167.44/EventAttendance.php?Actio
  • 2024-09-12A Walkthrough Using Acquire and Release Fences
    We’lltaketheexamplefrommypreviouspostandmodifyittouseC++11’sstandaloneacquireandreleasefences.Here’stheSendTestMessagefunction.Theatomicwriteisnowrelaxed,andareleasefencehasbeenplacedimmediatelybeforeit.voidSen
  • 2024-05-21Fallout Walkthrough
    TheNearlyUltimateFalloutGuideVersion1.1WrittenandcodedbyPerJornerThemainthingyouwillfindinFO1isthereislessofeverything.Ofcourse,itshouldcomeasnosurprisethatthefirstgameintheserieswouldbesmallerthanthesequel.
  • 2024-05-11SolidState 靶机 walkthrough
    扫描┌──(root㉿kali)-[/home/kali]└─#nmap-T5-A-v-p-192.168.80.141StartingNmap7.92(https://nmap.org)at2022-10-2403:50EDTNSE:Loaded155scriptsforscanning.NSE:ScriptPre-scanning.InitiatingNSEat03:50CompletedNSEat03:50,0.00
  • 2023-12-08Fiori WalkThrough学习-Step02.Bootstrap
    1.Index.html<!DOCTYPEhtml><html><head><metacharset="utf-8"><title>UI5Walkthrough</title><scriptid="sap-ui-bootstrap"src="https://openui5.hana.ondemand.co
  • 2023-11-28hackthebox format medium walkthrough
    walkthough 1.Wemustbrowsethewebsiteandlookupthebusinesspointforthewebpage.atthisboxwecanfindthecoderepository.codeauditinganddiscoveringtheprivilegeescalatedthroughtheRedisUnixsockvulnerability.2.Afterprivilegeescalat
  • 2023-06-13Walkthrough-digitalworld.local: BRAVERY
    0x01环境靶机地址:https://www.vulnhub.com/entry/digitalworldlocal-bravery,281/0x02过程1.信息收集┌──(root㉿kali)-[/home/kali/Desktop/oscp]└─#netdiscover-r192.168.60.0/24Currentlyscanning:Finished!|ScreenView:UniqueHosts
  • 2023-06-05Walkthrough-hackme 1
    0x01环境靶机地址:https://www.vulnhub.com/entry/hackme-1,330/0x02过程1.信息收集┌──(root㉿kali)-[/home/kali]└─#netdiscover-r192.168.60.0/24Currentlyscanning:Finished!|ScreenView:UniqueHosts
  • 2023-06-02Walkthrough-SolidState 1
    0x01环境靶机地址:https://www.vulnhub.com/entry/solidstate-1,261/0x02过程1.信息收集┌──(root㉿kali)-[/home/kali/Desktop/oscp]└─#netdiscover-r192.168.60.0/24Currentlyscanning:Finished!|ScreenView:UniqueHosts
  • 2023-05-31Walkthrough-TR0LL 1
    0x01环境靶机地址:https://www.vulnhub.com/entry/tr0ll-1,100/该靶机偏CTF0x02过程1.信息收集┌──(root㉿kali)-[/home/kali/Desktop/oscp]└─#netdiscover-r192.168.60.0/24Currentlyscanning:Finished!|ScreenView:UniqueHosts
  • 2023-05-30Walkthrough-WINTERMUTE 1
    0x01环境靶机地址:https://www.vulnhub.com/entry/wintermute-1,239/两个靶机,做网络隔离STRAYLIGHT一张网卡桥接,另一张仅主机模式,桥接网卡时,可能有点问题,重选一下网卡就好了Kali做桥接网卡NEUROMANCER仅主机kali和NEUROMANCER网络不联通0x02过程STRAYLIGHT1.信息收
  • 2023-04-16Vulnhub Fall Walkthrough
    Recon二层本地扫描,发现目标靶机。┌──(kali㉿kali)-[~]└─$sudonetdiscover-r192.168.80.0/24Currentlyscanning:Finished!|ScreenView:UniqueHosts4CapturedARPReq/Rep
  • 2023-04-13Vulnhub Joy Walkthrough
    Recon这台靶机对枚举的要求较高,如果枚举不出有用的信息可能无法进一步展开,我们首先进行普通的扫描。┌──(kali㉿kali)-[~/Labs/Joy/80]└─$sudonmap-sS-sV-p-192.168.80.136StartingNmap7.93(https://nmap.org)at2023-04-1022:42EDTNmapscanreportfor
  • 2023-04-12Vulnhub Development Walkthrough
    VulnhubDevelopmentWalkthroughRecon首先使用netdiscover进行二层Arp扫描。┌──(kali㉿kali)-[~]└─$sudonetdiscover-r192.168.80.0/24Currentlyscanning:Finished!|ScreenView:UniqueHosts5CapturedARPReq/Reppackets,from5hosts.Total
  • 2023-04-11Walkthrough-SICKOS 1.2
    0x01环境靶机地址:https://www.vulnhub.com/entry/sickos-12,144/靶机用VMware打开;virtualbox有点麻烦,参考靶机地址进行配置。0x02过程1.信息收集┌──(root㉿kali)-[/home/kali/Desktop/tmp]└─#netdiscover-r192.168.60.1/24Currentlyscanning:Finished!|
  • 2023-04-08Vulnhub Bravery靶机 Walkthrough
    BraveryRecon使用netdiscover对本地网络进行arp扫描。┌──(kali㉿kali)-[~]└─$sudonetdiscover-r192.168.80.0/24Currentlyscanning:Finished!|ScreenView:UniqueHosts5
  • 2023-03-28Walkthrough-KIOPTRIX 2014
    0x01环境靶机地址:https://www.vulnhub.com/entry/kioptrix-2014-5,62/靶机默认网卡有点问题,移除网卡再新增网卡即可环境容易崩溃,崩溃了重启就好0x02过程1.信息收集
  • 2023-03-24Walkthrough-KIOPTRIX LEVEL1.3
    0x01环境靶机地址:https://www.vulnhub.com/entry/kioptrix-level-13-4,25下载下来后就只有一块硬盘vmdk需要新建一个MS-DOS机器,并把硬盘指定为靶机的vmdk修改内存大