https://www.youtube.com/watch?v=kbw4_4jUP_U&t=49s这台机器利用了 ubuntu USBcreator 进行提权首先通过 CuteNews 2.1.2 的RCE 漏洞拿到低权限 www-data shell。然后通过检查配置文件拿到用户加密的用户密码。解密后可提权至用户1 。检查用户1 的 ssh public key 发现私钥
「红队笔记」靶机精讲:HTB Explorer - 手机渗透测试初探,陌生攻击面学习型渗透测试思维模式展示,移动渗透测试新手友好。 597 15 52:46:24 App 黑客入侵网站后台的秘密—SQL注入,4小时纯小白也能学明白的黑客技术!带你直接入狱级操作(网络安全|渗透测试|web安全) 603 13 4:57:34 App 【网络安全毕业设计项目】10...
当然,我也参考了别人的walkthrough,他们扫描出了/rest 文件夹,我试着使用它们的字典以及工具进行扫描,扫描时间实在太长,而且我们完全可以不使用 /rest 文件就能达到我们的渗透目的 接下来使用searchsploit 对 drupal 7.54 版本进行扫描 漏洞利用 使用44449.rb 脚本 我们得到了一个shell,这是我在参考了许多walkthrough...
https://youtu.be/OSRCEOQQJ4EHackTheBox - LaCasaDePapel walkthroughAuthor: IppSecTimeline: https://jpst.it/2TRdECC 4.0, 视频播放量 78、弹幕量 0、点赞数 1、投硬币枚数 0、收藏人数 2、转发人数 0, 视频作者 Leon050313, 作者简介 ,相关视频:HackTheBox - Anubis-
Today, we will be continuing with our exploration of Hack the Box (HTB) machines as seen in previous articles. This walkthrough is of an HTB machine named Registry. HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. ...
HackTheBox – Acute Walkthrough via Pentest diaries Leon050313 44 0 HackTheBox - Search Beginners Walkthrough via SecAura Leon050313 55 0 HackTheBox - Player2 Leon050313 32 0 HackTheBox - Cache walkthrough Leon050313 40 0 HackTheBox – AdmirerToo Walkthrough - via pentest diary Leo...
HTB Walkthrough: Jupiter 首先nmap扫描: # Nmap 7.93 scan initiated Tue Jun 6 21:42:38 2023 as: nmap -T4 -v -A -oA nmap/jupiter 10.129.176.50 Nmap scan report for 10.129.176.50 Host is up (0.079s latency). Not shown: 998 closed tcp ports (reset) ...
Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named Sauna. HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Indivi...
目标IP:10.10.11.218 本机IP:10.10.14.4 首先端口扫描: ┌─[✗]─[ippsec@parrot]─[~/HTB/Sandworm] └──╼ $ sudo nmap -p- --min-rate 10000 -sCV -v -oA nmap/sandworm 10.10.11.218 [sudo] password fo…
walkthough 1.We must browse the website and look up the business point for the webpage. at this box we can find the code repository.code auditing and discovering the privilege escalated through the Redis Unix sock vulnerability. 2.After privilege escalating,the new username is pro. Through co...