Windy's little blog

一切生活中的杂七杂八, and I like CTF.

HackMyVm Clover Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=CloverScan ports.nmap -sV -sC -p- 192.168.56.99  -oN ports.logLog in ftp anonymous, found 5 text files, but no useful.Scan port 80.gobuster dir -u http://19

HackMyVm Driftingblues7 Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=Driftingblues7Scan ports.nmap -sV -sC -p- 192.168.56.99  -oN ports.logCheck port 80, redirect to port 443, it's eyesofnetwork app login panel.Scan port 66.gobuster&nbs

Vulnhub shenron: 2 Walkthrough

https://www.vulnhub.com/entry/shenron-2,677/Scan ports.Scan port 80, nothing useful.Scan 8080, looks like a wordpress site.Check source code of index.php, in order to make wordpress works,  need to add http://shenron to /etc/hosts. Wpscan found

Vulnhub hacksudo: aliens Walkthrough

https://www.vulnhub.com/entry/hacksudo-aliens,676/Scan ports.Scan port 80.In /backup/mysql.bak, found credentials.Log in phpmyadmin at port  9000 using this credentials. Create a shell php.SELECT "<?php system($_GET['c'

HackMyVm T800 Walkthrough (X11 forwarding through ssh, conky)

https://hackmyvm.eu/machines/machine.php?vm=T800Very interesting machine, I have to spend whole day learning how to doX11 forwarding and how to config conky, in order to solve it.Scan ports first.Scan port 80, at /index.html, found username "ruu

Vulnhub Bluemoon 2021 Walkthrough

https://www.vulnhub.com/entry/bluemoon-2021,679/Simple and straightforward one.Scan ports.Scan port 80, check hidden_text file.Decrypt the png to text,get username and password of ftp.Login ftp, download information.txt, find username robin, and a pa

HackMyVm Eighty Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=EightyInteresting machine, thanks sML@HackMyVm.Scan ports.Port 80 is unavailable right now. Port 70 is not http, but gopher (which is not familiar).We can use firefox to visit port 70. Also, we can use &quo

HackMyVm Eyes Walkthrough

https://hackmyvm.eu/machines/machine.php?vm=EyesScan ports.Log in ftp as anonymous, and get index.php.Check the source code of index.php, has LFI.<?php $file = $_GET['fil3']; if(isset($file)) { include($file); } else { pr

Vulnhub hacksudo:3 Walkthrough

https://www.vulnhub.com/entry/hacksudo-3,671/Scan port 80, find a lot php files. Most of them are rabbit holes.Get code injecting through fuzzing generator.php.Then we can upload a php shell, and  get reverse shell. In /var/www, find a file name

Vulnhub hacksudo:2 Walkthrough

https://www.vulnhub.com/entry/hacksudo-2-hackdudo,667/Scan ports.Scan port 80.Info.php is phpinfo, file.php has LFI vunerability.Use pwn code to get a cmd shell.https://raw.githubusercontent.com/vulhub/vulhub/master/php/inclusion/exp.pyCheck if the s
<< < 2 3 4 5 6 7 8 9 10 11 > >>

Powered By Z-BlogPHP 1.7.1