靶机下载地址：https://hackmyvm.eu/machines/machine.php?vm=Dentacare。

扫描端口，开放了22、80和8000。

└─$ nmap -sV -sC -Pn -p- -oN port.log 192.168.56.136
PORT     STATE SERVICE VERSION                                                                                                                                                
22/tcp   open  ssh     OpenSSH 9.2p1 Debian 2+deb12u2 (protocol 2.0)                                                                                                          
| ssh-hostkey:                                                                                                                                                                
|   256 e7:ce:f2:f6:5d:a7:47:5a:16:2f:90:07:07:33:4e:a9 (ECDSA)                                                                                                               
|_  256 09:db:b7:e8:ee:d4:52:b8:49:c3:cc:29:a5:6e:07:35 (ED25519)                                                                                                             
80/tcp   open  http    Werkzeug/3.0.2 Python/3.11.2                                                                                                                           
|_http-server-header: Werkzeug/3.0.2 Python/3.11.2                                                                                                                            
|_http-title: DentaCare Corporation                                                                                                                                           
| fingerprint-strings:                                                                                                                                                        
...
8000/tcp open  http    Apache httpd 2.4.57
|_http-title: 403 Forbidden
|_http-server-header: Apache/2.4.57 (Debian)

继续阅读 →