抱歉,您的浏览器无法访问本站
本页面需要浏览器支持(启用)JavaScript
了解详情 >

Yao's blog

改卷的时候卷,才有躺的机会

1 Introduction使用nmap进行端口扫描,80端口运行着web服务,根据web页面提示的引擎版本信息找到Searcher有命令执行漏洞,利用漏洞获得shell。在获得web shell之后在web服务目录中存在隐藏.git目录,查看配置文件即可得到用户凭证,以此查看sudo命令执行列表,得到sudo命令信息后,根据sudo命令查看运行着的容器信息,可以得到mysql登录凭证和gi...

1 Information1.1 nmap12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929...

Information nmap首先进行全端口扫描 1234567891011┌──(kali㉿kali)-[~]└─$ nmap -p- --min-rate 10000 10.10.10.8 Starting Nmap 7.93 ( https://nmap.org ) at 2023-08-22 07:09 EDTNmap scan report for 10.10.10.8...

Information Port Scan使用nmap来做全端口扫描 1234567891011121314┌──(kali㉿kali)-[~/Documents/htb]└─$ nmap -p- --min-rate 10000 10.10.10.63Starting Nmap 7.93 ( https://nmap.org ) at 2023-08-19 07:41 EDTNm...

Informationnmap1234567891011┌──(kali㉿kali)-[~/Documents/htb]└─$ nmap -p- --min-rate 10000 10.10.10.93Starting Nmap 7.93 ( https://nmap.org ) at 2023-08-16 08:21 EDTNmap scan report for 10.10.10.93H...

Welcome to Hexo! This is your very first post. Check documentation for more info. If you get any problems when using Hexo, you can find the answer in troubleshooting or you can ask me on GitHub. Qu...