Shocker(shellshock破壳漏洞) 10.10.10.56 1280/tcp open http Apache httpd 2.4.18 ((Ubuntu))2222/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0) 1访问web,是一个单纯的图片,查看源码无发现。 2目录扫描ing.两个目录403,未发现其他目录 3 2019-02-10 training training
Optimum(win64-msf提权) Optimum(win64-msf提权) 参考资料:https://isroot.nl/2018/06/25/hack-the-box-write-up-optimum/ 123480/tcp open http HttpFileServer httpd 2.3|_http-server-header: HFS 2.3|_http-title: HFS /Service Info: OS: 2019-02-07 training training windows
wapiti - python web scanner 下载地址:https://sourceforge.net/projects/wapiti/参考资料:http://wapiti.sourceforge.net/ 安装:12345678910cd /opt;python3 setup.py installcd /opt/wapiti3-3.0.1wapiti -u http://192.168.241.136/ --v 2python wapiti 2019-02-05 scan
除夕纪事 坐过飞机,搭上巴士,再转小汽车,跨越上千公里,我又回到了山中外婆家。如果是在宫崎骏的动画里,远离城市的乡村应该画的很美吧。可惜不是,外婆住的地方靠近一个大坝,除了一条河一条公路,什么也没有。。 一开始十分不适应,烧炭取暖,如厕不便都让我十分不耐烦。 我老是心心念念地学渗透,开着移动数据,网速十分差劲,让我十分不爽(*  ̄︿ ̄) 今晚是除夕夜,我和妹妹沿着沅江散步,天渐渐黑了起来。山中房屋稀疏的坐落 2019-02-03 View View
raven2(CVE-2016-10033) 12322/tcp open ssh OpenSSH 6.7p1 Debian 5+deb8u4 (protocol 2.0)80/tcp open http Apache httpd 2.4.10 ((Debian))111/tcp open rpcbind 2-4 (RPC #100000) try1-ssh用户枚举123python ssh.py --userList 2019-02-01 training training
ms08-067 10.10.10.4 masscan + nmap123Discovered open port 139/tcp on 10.10.10.4 Discovered open port 137/udp on 10.10.10.4 Discovered ope 2019-01-29 training training windows
永恒之蓝 10.10.10.40 12345678910135/tcp open msrpc Microsoft Windows RPC139/tcp open netbios-ssn Microsoft Windows netbios-ssn445/tcp open microsoft-ds Windows 7 Professional 7601 Service Pack 2019-01-22 training training windows
Mirai(物联网设备默认密码) 10.10.10.48 扫描123456789101112131415PORT STATE SERVICE VERSION53/tcp open domain dnsmasq 2.76| dns-nsid: |_ bind.version: dnsmasq-2.76Service detection performed. Please report any incorrect resul 2019-01-21 training training weak password
web常见漏洞--文件上传 参考资料: https://www.cnblogs.com/milantgh/p/3601724.htmlhttps://www.waitalone.cn/bypassing-the-file-upload-validation.html 上一篇:常见web漏洞-command execution 第一个直接上传,什么都没限制 第二个,传php,会提示no PHP 传jpg,正常上传 2019-01-20 web web
Blocky(源码泄露、java反编译) 10.10.10.37 123421/tcp open ftp ProFTPD 1.3.5a22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0)80/tcp open http Apache httpd 2.4.18 ((Ubuntu))2 2019-01-19 training training