Mr.Be1ieVe's Treasure

路虽远行则将至,事虽难做则必成

HackTheBox Starting Point Shield .29

扫描出来80 ISS和 3306 mysql bp发现路径下有wordpress 查看wordpress版本,网页搜索generator即可搜到generator wordpress

Posted by Mr.Be1ieVe on Monday, April 19, 2021

HackTheBox Starting point Vaccine .46

信息收集 扫描之后有ftp,ssh和web 联想到之前获得的ftp账户,输入进去登录后获得了backup.zip 使用Seclist的字典,通过爆

Posted by Mr.Be1ieVe on Monday, April 19, 2021

HackTheBox Starting Point Oopsie .28

扫描结果 Starting Nmap 7.80 ( https://nmap.org ) at 2020-12-03 06:15 EST Nmap scan report for 10.10.10.28 Host is up (0.49s latency). PORT STATE SERVICE VERSION 21/tcp closed ftp 23/tcp closed telnet 53/tcp closed domain 80/tcp open http Apache httpd 2.4.29 ((Ubuntu)) |_http-server-header: Apache/2.4.29 (Ubuntu) |_http-title: Welcome 110/tcp closed pop3 111/tcp closed rpcbind 113/tcp closed ident 135/tcp closed msrpc 139/tcp closed netbios-ssn 143/tcp closed imap 256/tcp closed fw1-secureremote

Posted by Mr.Be1ieVe on Friday, December 4, 2020

HackTheBox Starting Point Archetype .27

VPN 连接 sudo openvpn example.ovpn Foothold Sql server相关,这部分总提示我connection reset by peer 无法实验 链接到sql server impacket/examples/mssqlclient.py ARCHETYPE/sql_svc@10.10.10.27 -windows-auth SELECT IS_SRVROLEMEMBER('sysadmin') 判断自己有没有sysadmin(最

Posted by Mr.Be1ieVe on Monday, January 1, 0001

avatar

安全运营,兼任应用安全、基础安全。

FEATURED TAGS
awd buu ctf hackthebox linux使用 xray 专业学习 基础知识 学习笔记