Tasking environment Description:
Attack:
- Physical machine: Windows7
- Physical installation tool 1: Microsoft Visual Studio 2008
- Physical installation tool 2: OllyICE
- Virtual Machine 1: Ubuntu_Linux
- Virtual Machine 1 installation tool 1: Python3 / Python2
- 1 virtual machine installation tools 2: GCC
- 1 virtual machine installation tools 3: GDB
- 1 virtual machine installation tools 4: Netcat
- 1 virtual machine username: root, password Virtual Machine 1: 123456
- Virtual machine operating system 2: CentOS_Linux
- 2 virtual machine installation tool 1: GCC
- 2 virtual machine installation tools 2: GDB
- Virtual Machine 2 Username: root, VM 2 Password: 123456
target drone:
- Server Scenario 1: WindowsServer
- FTP server scenario 1 download service user name: anonymous
- Server Scenario 2: Windows (unknown)
##########################################
### in accordance with previous years, on the scan script ARP, ICMP ###
##########################################
SUMMARY:
1. Scenario 2 server for uploading a word Trojan, use a file that contains the directory that contains the URL of the relevant documents, web pages, parameter string as a parameter, a hexadecimal value by the result of the hash function MD5 operations returned as the value of Flag submitted (in the form of: hexadecimal string);
js/calendar.php?lang=
The above information is hashed (equal sign), 19 years National Cup first task two small questions the answer is this. The vulnerability is ecshop, refer to: https://www.seebug.org/vuldb/ssvid-26135
2. In the Disk C 2 server scenario: finding \ under Windows ABC_03.py file, upload it to a virtual machine 1 attack aircraft, according to comments within the required functional script file, in perfect script code, would require a corresponding FLAG1 sound content string as a parameter by the MD5 function operation, the hexadecimal value returned result of the hash value as the submission Flag (form: hexadecimal string);
3. Continue editing ABC_03.py file, in perfect script code, will FLAG2 the corresponding need to improve the content string as a parameter, hexadecimal results after MD5 hash function operation return value as the value of Flag submitted (in the form of: hexadecimal string);
4. ABC_03.py continue editing documents in improving script code, the need to improve the content of the corresponding FLAG3 string as a parameter, the results hexadecimal MD5 hash function operation returns the value as the value submitted Flag (in the form of: hexadecimal string);
5. Continue ABC_03.py edit files in perfect script code, the need to improve the content of the corresponding FLAG4 string as a parameter, the results hexadecimal MD5 hash function operation returns the value as the value submitted Flag (in the form of: hexadecimal string);
6. Continue editing ABC_03.py file, in perfect script code, will FLAG5 the corresponding need to improve the content string as a parameter, hexadecimal results after MD5 hash function operation return value as the value of Flag submitted (in the form of: hexadecimal string);
7. Continue editing ABC_03.py file, in perfect script code, will FLAG6 the corresponding need to improve the content string as a parameter, hexadecimal results after MD5 hash function operation return value as the value of Flag submitted (in the form of: hexadecimal string);
8. Continue ABC_03.py edit files in perfect script code, the need to improve the content of the corresponding FLAG7 string as a parameter, the results hexadecimal MD5 hash function operation returns the value as the value submitted Flag (in the form of: hexadecimal string);
9. ABC_03.py continue editing files, script code in improving, the need to improve the content of the corresponding FLAG8 string as a parameter, the results hexadecimal MD5 hash function operation returns the value as the value submitted Flag (in the form of: hexadecimal string);
Virtual machine 10. The machine 1 in which the attack execution script ABC_03.py, according to the echo server scene scan output port 2 as a parameter string, a hexadecimal value by the result of the hash function MD5 calculation returns Flag value as filed (form: hexadecimal string);
Scan in several ways:
If you find this article useful to you you can be a reward by scanning the QR code below.
-> micro letter < - -> Alipay < -
