Target machine test--Dina

Others 2021-03-30 12:18:37 views: null

table of Contents

collect message
Vulnerability discovery
Right escalation
to sum up

collect message

Host discovery

Insert picture description here

Port scan

Only port 80:
Insert picture description here

Directory scan

Insert picture description here
Visit every accessible path:

Homepage:
Insert picture description here
nothing/pass:

secure/:

Vulnerability discovery

Get a similar password dictionary, a zip file.

Download the zip file:

A password is required. Use the obtained password freedom. After decompression, it is in mp3 format, but it cannot be played:
Insert picture description here
Open with text:

obtain a user name and a background, open:

use diana to log in successfully: the

website framework is playsms.

Search for CMS vulnerabilities:
Insert picture description here
three belong to msf, use msf:

use the first one, set:

success.

The second one succeeded; the third one succeeded.

Insert picture description here

Right escalation

First use nc reverse shell:
Insert picture description here

Insert picture description here
Use dirty cows to escalate rights (find, sudo, attempts to no avail):

Enter the /tmp directory, kali starts the http service, wget downloads, compiles and executes.

Insert picture description here

Insert picture description here

to sum up

Obtain more information based on known information (information collection through information collection).

Use version vulnerabilities.

Guess you like

Origin blog.csdn.net/qq_45742511/article/details/115282741

Target machine test--Dina

Target machine test-zico

Target machine test--DC(4)

[Target machine] vulnhub target machine clover: 1

Target machine test--Billu_b0x

F5 test target machine installation steps

Vulnhub target machine test--CH4INRULZ_v1.0.1

Copy the key to the target machine

[Machine Learning] Target Detection

Machine vision recognition target

Download and installation of target machine OWASPBWA

After reading this article, I will teach you to play the penetration test target machine vulnhub——Ai-Web1

After reading this article, I will teach you how to use the penetration test target machine - Metasploitable2

After reading this article, I will teach you how to use the penetration test target machine vulnhub—Emplre: Lupinone

After reading this article, I will teach you how to use the penetration test target machine vulnhub—Corrosion: 1

After reading this article, I will teach you how to use the penetration test target machine vulnhub—Corrosion: 2

Traditional machine learning target detection and deep learning target detection

Use the existing tools of the target system to quickly package the target machine data

hacknos-player target machine penetration

VulnHub target machine-VulnOs-2

Check the antivirus software installed on the target machine

ssh2 cannot connect to target machine

Modify the network connection mode of the Kioptrix target machine

Demonstration of sql error injection target machine

Intranet penetration testing target machine explanation (1)

opencv machine learning-the first attempt to generate multiple composite sample images from a single target real sample image, and test and verify

DC-3 target machine penetration detailed tutorial (with target machine link)

The detailed process of DC-2 target machine penetration (attached target machine link)

Target detection-mAP test

Cve N / A reappears (target machine environment Ubuntu18.04)

Recommended

Ranking

error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘

Database migration between Navicat servers

Minimum number of rotation of the array: Array

balenaEtcher for mac (make a boot disk software) v1.5.67

Custom processing serialization and deserialization in jackson

Mu-en-mask system development software

Mastering Regular Expressions

Find mileage Java--

Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions

[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite

Daily

More

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)