::: {.container}
::: {.post}
::: {.show-content}
目标域名：http://www.lwxs520.com

2018.2.10 发现域名换了，http://www.lwxiaoshuo.com

后台：http://www.lwxs520.com/loginframe.php（17-03-27准备暴破，发现这不是一个后台。。理由，有注册链接）

1,目标网站是动态网站，使用PHP脚本语言。

2，服务器类型

服务器操作系统类型：windows sever 2008      /    Microsoft-IIS/7.5

3，是否为CMS

::: {.image-package}
\

::: {.image-caption}
:::
:::

4，是否开启CDN

。。？应该是否吧。

虽然是美国的服务器，但各个地区ping的地址是一样的。

ip为192.126.112.200

::: {.image-package}
\

::: {.image-caption}
:::
:::

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

5.是否有robot.txt文件

::: {.image-package}
\

::: {.image-caption}
:::
:::

6,开放端口。

。。? IP好像有点不对。探测的端口全部过滤。

::: {.image-package}
\

::: {.image-caption}
:::
:::

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

theharvester,找邮箱。。感觉邮箱哪里不对。并发现了另一些IP

::: {.image-package}
\

::: {.image-caption}
:::
:::

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

本来想找后台，没想到在这种浏览向的网站，页面实在太多。。也没想到robots.txt这么简单就指出了后台。

::: {.image-package}
\

::: {.image-caption}
:::
:::

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

netscraft查询

::: {.image-package}
\

::: {.image-caption}
:::
:::

\

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

---

2018.2.10 发现开了22、80。

 nmap --script=auth 23.234.25.222
:::
:::
:::