Vulnhub_drippingblues
全部标签0×03Vulnhub靶机渗透总结之KIOPTRIX:LEVEL1.2(#3)🔥系列专栏:Vulnhub靶机渗透系列🔥欢迎大佬:👍点赞⭐️收藏➕关注🔥首发时间:2023年8月22日🌴如有错误还望告知万分感谢🌴基本信息:KIOPTRIX:LEVEL1.2(#3),vulnhub平台下简单难度靶机。本文并非复现writeup关键在于打靶思路,主要是从web层面入手。本文采用了比较常规的一种方法:通过SQL注入获取用户凭据,ssh登陆靶机进行sudo提权,文中手动注入和SQLmap自动化均有呈现,后续也尝试了框架漏洞的利用的尝试。这台靶机存在漏洞较多,需要根据自身经验做出筛选、权衡与比对,是对综合知
(一)信息收集查询目标靶机ip,目标机:192.168.241.142arp-scan-l照常扫一下端口,发现开放21(ftp服务),22(ssh服务),80(web服务)三个端口nmap-A-T4192.168.241.142发现开放21ftp端口,尝试访问。发现一个压缩包,下载下来发现有两个加密文件是包含关系,那我们就需要解开第一层密码。ftp://(目标机ip)ftp://192.168.241.142(注:我这里kali自带浏览器无法直接访问,用自己电脑的浏览器可以直接访问)我们可以用Fcrackzip来进行密码爆破fcrackzip-D-p/usr/share/wordlists/r
InfosecWarrior作者:jasonhuawen靶机信息名称:InfoSecWarriorCTF2020:01地址:https://www.vulnhub.com/entry/infosecwarrior-ctf-2020-01,446/识别目标主机IP地址─(kali㉿kali)-[~/Vulnhub/Infosec]└─$sudonetdiscover-ieth1-r192.168.56.0/24Currentlyscanning:192.168.56.0/24|ScreenView:UniqueHosts3CapturedARPReq/Reppackets,from3hosts.
InfosecWarrior作者:jasonhuawen靶机信息名称:InfoSecWarriorCTF2020:01地址:https://www.vulnhub.com/entry/infosecwarrior-ctf-2020-01,446/识别目标主机IP地址─(kali㉿kali)-[~/Vulnhub/Infosec]└─$sudonetdiscover-ieth1-r192.168.56.0/24Currentlyscanning:192.168.56.0/24|ScreenView:UniqueHosts3CapturedARPReq/Reppackets,from3hosts.
目录一.环境搭建二.渗透过程1.信息收集1.1主机发现1.2端口扫描1.3目录扫描2.信息漏洞利用2.1靶机目录信息搜集:3.Getshell3.1ssh弱口令3.2信息收集4.提权5.*反推,其他思路*5.1提权后的信息收集:总结一.环境搭建Lazysysadmin靶场下载:https://download.vulnhub.com/lazysysadmin/Lazysysadmin.zipkali自备或官网下载:https://cdimage.kali.org/kali-2022.3/kali-linux-2022.3-installer-amd64.iso靶场下载解压后改成nat模式。二.
目录一.环境搭建二.渗透过程1.信息收集1.1主机发现1.2端口扫描1.3目录扫描2.信息漏洞利用2.1靶机目录信息搜集:3.Getshell3.1ssh弱口令3.2信息收集4.提权5.*反推,其他思路*5.1提权后的信息收集:总结一.环境搭建Lazysysadmin靶场下载:https://download.vulnhub.com/lazysysadmin/Lazysysadmin.zipkali自备或官网下载:https://cdimage.kali.org/kali-2022.3/kali-linux-2022.3-installer-amd64.iso靶场下载解压后改成nat模式。二.
Ino识别目标主机IP地址─(kali㉿kali)-[~/Vulnhub/Ino]└─$sudonetdiscover-ieth1-r192.168.56.0/24Currentlyscanning:192.168.56.0/24|ScreenView:UniqueHosts3CapturedARPReq/Reppackets,from3hosts.Totalsize:180_____________________________________________________________________________IPAtMACAddressCountLenMACVendor/Ho
Ino识别目标主机IP地址─(kali㉿kali)-[~/Vulnhub/Ino]└─$sudonetdiscover-ieth1-r192.168.56.0/24Currentlyscanning:192.168.56.0/24|ScreenView:UniqueHosts3CapturedARPReq/Reppackets,from3hosts.Totalsize:180_____________________________________________________________________________IPAtMACAddressCountLenMACVendor/Ho
Inplainsight识别目标主机IP地址─(kali㉿kali)-[~/Vulnhub/Inplainsight]└─$sudonetdiscover-ieth1-r192.168.56.0/24Currentlyscanning:192.168.56.0/24|ScreenView:UniqueHosts3CapturedARPReq/Reppackets,from3hosts.Totalsize:180_____________________________________________________________________________IPAtMACAddressCo
Inplainsight识别目标主机IP地址─(kali㉿kali)-[~/Vulnhub/Inplainsight]└─$sudonetdiscover-ieth1-r192.168.56.0/24Currentlyscanning:192.168.56.0/24|ScreenView:UniqueHosts3CapturedARPReq/Reppackets,from3hosts.Totalsize:180_____________________________________________________________________________IPAtMACAddressCo
