AI: Web: 2 Vulnhub Walkthrough

Others 2019-09-08 02:17:27 views: null

Drone Download link:

https://www.vulnhub.com/entry/ai-web-2,357

Host port scan:

SQL injection attempts, found no injection vulnerability, register to create an account in a

http://10.10.202.160/userpage.php

Under vulnerability database search:

XuezhuLi FileSharing - Directory Traversal

https://www.exploit-db.com/exploits/40009

We look at blasting directory

╰─ sudo -u python3 dirsearch.py http://10.10.202.160/ -e .php

We tried certification file that contains the Apache look at

aiweb2admin: apr1 $ $ $ VXqmVvDD otU1gx4nwCgsAOA7Wi.aU /

╰─ john --wordlist=/usr/share/wordlists/rockyou.txt htpwd

aiweb2admin: c.ronaldo

After attempts &&; | find | command execution can be bypassed

Visit: http: //10.10.202.160/webadmin/H05Tpin9555/php-reverse.php

Then mention the right to carry out the operation:

find / -perm -u=s -type f 2>/dev/null

find / -perm -g=s -type f 2>/dev/null

n0nr00tuser@aiweb2host:/tmp$ ./LinEnum.sh

╰─ searchsploit lxd

Creating hack.sh file, copy the following link script content to hack.sh

https://www.exploit-db.com/exploits/46978

OVER !!

Guess you like

Origin www.cnblogs.com/hack404/p/11482310.html

AI: Web: 2 Vulnhub Walkthrough

No.28-VulnHub-zico2: 1-Walkthrough penetration study

Hackme: 1: Vulnhub Walkthrough

Sunset: Vulnhub Walkthrough

Symfonos:3 Vulnhub Walkthrough

Dc:7 Vulnhub Walkthrough

HA: Chakravyuh Vulnhub Walkthrough

Girlfreind:1 Vulnhub Walkthrough

Mumbai:1 Vulnhub Walkthrough

No.27-VulnHub-Pinky's Palace: v2-Walkthrough penetration study

digitalworld.local:Torment Vulnhub Walkthrough

AI: Web: 2 Vulnhub Пошаговое

No.16-VulnHub-FristiLeaks: 1.3-Walkthrough penetration study

No.15-VulnHub-Raven: 1-Walkthrough penetration study

No.25-VulnHub-Temple of Doom: 1-Walkthrough permeation study

No.21-VulnHub-HackLAB: Vulnix-Walkthrough penetration study

No.48-VulnHub-hackNos: Os-hackNos-Walkthrough penetration study

No.17-VulnHub-Brainpan: 1-Walkthrough penetration study

No.40-VulnHub-Escalate_Linux: 1-Walkthrough penetration study

No.38-VulnHub-Tommy Boy: 1-Walkthrough penetration study

No.32-VulnHub-DC: 6-Walkthrough penetration study

No.37-VulnHub-SolidState: 1-Walkthrough permeation study

After reading this article, I will teach you to play the penetration test target machine vulnhub——Ai-Web1

Algorithm 2 Walkthrough: Peak Mountains array

No.50-VulnHub-hackNos: Os-hackNos-3-Walkthrough penetration study

No.49-VulnHub-hackNos: penetration learn Os-hackNos-2.1-Walkthrough

No.47-VulnHub-Me and My Girlfriend: 1-Walkthrough penetration study

vulnhub ~ Djinn: 2

VulnHub DC-2 Writeup

GoldenEye shooting range of VulnHub (2)

Recommended

The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!

Ranking

Getting the basic concepts of ROS + catkin Profile

Spring Learning (2) --- Assembling Beans in the IoC Container

js to get the src attribute of the image regularly

STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud

Short video learning - 3, pandas simple use of pivot_table

Print directory of project configuration log, output log

Understand the difference between vi and vim in Linux in 3 minutes

1 + x certificate Web front-end development HTML5 special exercises

mangodb save and insert the difference

7-1 Family tree processing (50 points) (binary tree solution)

Daily

More

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)