永恒之蓝 10.10.10.40 12345678910135/tcp open msrpc Microsoft Windows RPC139/tcp open netbios-ssn Microsoft Windows netbios-ssn445/tcp open microsoft-ds Windows 7 Professional 7601 Service Pack 2019-01-22 training training windows
Mirai(物联网设备默认密码) 10.10.10.48 扫描123456789101112131415PORT STATE SERVICE VERSION53/tcp open domain dnsmasq 2.76| dns-nsid: |_ bind.version: dnsmasq-2.76Service detection performed. Please report any incorrect resul 2019-01-21 training training weak password
web常见漏洞--文件上传 参考资料: https://www.cnblogs.com/milantgh/p/3601724.htmlhttps://www.waitalone.cn/bypassing-the-file-upload-validation.html 上一篇:常见web漏洞-command execution 第一个直接上传,什么都没限制 第二个,传php,会提示no PHP 传jpg,正常上传 2019-01-20 web web
Blocky(源码泄露、java反编译) 10.10.10.37 123421/tcp open ftp ProFTPD 1.3.5a22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0)80/tcp open http Apache httpd 2.4.18 ((Ubuntu))2 2019-01-19 training training
Active(windows smb共享硬盘) 参考资料:smbclient scan1234567891011121314151617181920212223242526272853/tcp open domain Microsoft DNS 6.1.7601| dns-nsid: |_ bind.version: Microsoft DNS 6.1.7601 (1DB15D39)88/tcp open ker 2019-01-15 training training
Access(port:23-telnet登入反弹cmd) 123456789101112Nmap scan report for 10.10.10.98Host is up (0.13s latency).Not shown: 997 filtered portsPORT STATE SERVICE21/tcp open ftp23/tcp open telnet80/tcp open httpnmap -sV -p 21,23,80 10.1 2019-01-11 training training windows port 23
Devel(ftp匿名登陆可读可写) 10.10.10.5 12321/tcp open ftp Microsoft ftpd80/tcp open http Microsoft IIS httpd 7.5 ftp12345678910111213141516171819ftp 10.10.10.5anonymous03-18-17 01:06AM <DIR> aspnet 2019-01-10 training training windows port 21
masscan结合python快速枚举批量主机端口 还记得当时360电话面试的时候,问我互联网上最快的扫描器是什么,我回答的zenmap? 最近渗透测试的实习,给了很多主机,记录一下。 python去重 123456789ips = []write_ips = open('ips.txt','a')with open('1.txt') as f: for line in f: ips. 2019-01-09 scan
论传销 论传销写这篇文章的起因。 最近苹果手机电池不行了,一到百分之30就噌噌噌往下掉。于是我上班的间歇,就找了个手机维修店。店主把我的手机拆开,然后让我等十多分钟,还拿着吹风机吹。然后就出门了,让我等一会儿。 我百无聊赖的也不知道干什么,盯了一会儿拆下来的电池。电池居然是软的,被掰弯了== 期间,有一个搞推销的青年走了进来。一开始给店员推销,店员拼命拒绝。他的脖子上很明显的钴蓝色带子,挂着的应该是证件, 2019-01-08 View View
Joker(http-proxy) 10.10.10.21 scan1222/tcp open ssh OpenSSH 7.3p1 Ubuntu 1ubuntu0.1 (Ubuntu Linux; protocol 2.0)3128/tcp open http-proxy Squid http proxy 3.5.12 web目录扫描,连接时间异常,没有找到任何页面 trying1:缓冲区溢出searchs 2019-01-07 training training