| 名称 | 说明 |
|---|---|
| 靶机下载链接 | https://www.vulnhub.com/entry/raven-2,269/ |
| 攻击机(kali) | ip:192.168.233.168 |
| 靶机(CentOS) | ip:192.168.233.181 |
gobuster dir -u http://192.168.233.181 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php,txt,html
hydra -L user.txt -P /usr/share/wordlists/rockyou.txt 192.168.233.181 ssh
好家伙爆破不了
只好测试其他方向
phpmail找寻漏洞searchsploit phpmail
尝试看看使用40974.py
开始操作提权
查看到mysql有执行,R@v3nSecurity
操作跟前面的靶场一样就不再多说
nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.122.40 (扫描TCP)nmap -sU --top-ports 100 ...
nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.180.205 (扫描TCP)nmap -sU --top-ports 100 ...
信息收集nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.204.217 (扫描TCP)nmap -sU --top-ports 100 10.12...
nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.237.97 (扫描TCP)enum4linux(自动化枚举) ...
名称说明靶机下载链接https://www.vulnhub.com/entry/kioptrix-level-11-2,23/攻击机(kali)ip:192.168.233.168靶机(CentOS)...
nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.196.68 (扫描TCP)nmap -sU --top-ports 100 10.129.196...
