Windy's little blog

一切生活中的杂七杂八, and I like CTF.

Vulnhub Bluesmoke: devrandom2 Walkthrough

https://www.vulnhub.com/entry/bluesmoke-devrandom2,678/Nmap scan ports.nmap -sV -sC -p- -oN ports.log 192.168.56.100Check port 80, it's a backup system.We can only upload .zip or .tar files. And tar has wildcrad vuln

HackMyVm Momentum Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=MomentumIt's a little tricky machine, thanks author for the hints.Nmap scan ports first.nmap -sV -sC -p- -oN ports.log 192.168.56.100Scan port 80, nothing special right now

HackMyVm Choc Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=ChocNmap scan ports, only 21 and 22 are open.nmap -sV -sC -p- -oN ports.log 192.168.56.100Login ftp as anonymous, get id_rsa.Try ssh, get user name "carl".Try to logi

Vulnhub Wayne Manor: 1 Walkthrough

http://www.vulnhub.com/entry/wayne-manor-1,681/Read GUIDELINES.txt in unziped files.GUIDELINES:     Add '<ip> waynemanor.com' to the '/etc/hosts' file.     

Vulnhub Wireless: 1 Walkthrough

https://www.vulnhub.com/entry/wireless-1,669/Nmap scan ports.nmap -sV -p- -oN ports.log 192.168.33.136Scan port 80, only index.html.Visit port 8000, look like a cms site. Take care the upper-left, there is a username "ji

HackMyVm Diophante Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=DiophanteScan ports, noticed port 25 maybe open, it's smtp service.nmap -sV -sC -p- -oN ports.log 192.168.56.100Dir scan port 80.Check note.txt, it's a hint about knock

HackMyVm Clover Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=CloverScan ports.nmap -sV -sC -p- 192.168.56.99  -oN ports.logLog in ftp anonymous, found 5 text files, but no useful.Scan port 80.gobuster dir -u http://19

HackMyVm Driftingblues7 Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=Driftingblues7Scan ports.nmap -sV -sC -p- 192.168.56.99  -oN ports.logCheck port 80, redirect to port 443, it's eyesofnetwork app login panel.Scan port 66.gobuster&nbs

Vulnhub shenron: 2 Walkthrough

https://www.vulnhub.com/entry/shenron-2,677/Scan ports.Scan port 80, nothing useful.Scan 8080, looks like a wordpress site.Check source code of index.php, in order to make wordpress works,  need to add http://shenron to /etc/hosts. Wpscan found

Vulnhub hacksudo: aliens Walkthrough

https://www.vulnhub.com/entry/hacksudo-aliens,676/Scan ports.Scan port 80.In /backup/mysql.bak, found credentials.Log in phpmyadmin at port  9000 using this credentials. Create a shell php.SELECT "<?php system($_GET['c'
<< 1 2 > >>

Powered By Z-BlogPHP 1.7.1