| 名称 | 说明 |
|---|---|
| 靶机下载链接 | https://www.vulnhub.com/entry/raven-2,269/ |
| 攻击机(kali) | ip:192.168.233.168 |
| 靶机(CentOS) | ip:192.168.233.181 |
gobuster dir -u http://192.168.233.181 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php,txt,html
hydra -L user.txt -P /usr/share/wordlists/rockyou.txt 192.168.233.181 ssh
好家伙爆破不了
只好测试其他方向
phpmail找寻漏洞searchsploit phpmail
尝试看看使用40974.py
开始操作提权
查看到mysql有执行,R@v3nSecurity
操作跟前面的靶场一样就不再多说
名称说明靶机下载链接https://www.vulnhub.com/entry/tr0ll-1,100/攻击机(kali)ip:192.168.233.168靶机(CentOS)ip:192.168....
名称说明靶机下载链接https://www.vulnhub.com/entry/digitalworldlocal-torment,299/攻击机(kali)ip:192.168.233.168靶机(...
名称说明靶机下载链接https://www.vulnhub.com/entry/raven-1,256/攻击机(kali)ip:192.168.233.168靶机(CentOS)ip:192.168....
nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.14.190 (扫描TCP)nmap -sU --top-ports 100 ...
grandpanmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.95.233 (扫描TCP)跟上个靶场好像davtest -url 10....
名称说明靶机下载链接https://www.vulnhub.com/entry/sickos-11,132/攻击机(kali)ip:192.168.233.168靶机(CentOS)ip:192.16...
