Vulnhub bassamCTF: 1 Walkthough2021-03-06 16:42:04
Machine is here.Nmap scan ports.Port 80 only has one file.Get domain name from index.html.Add it to /etc/hosts, then brute force vhost.gobuster vhost -u http://bassam.ctf -w /usr/share/seclists/Discovery/DNS/subdomains-
HackMyVm Crossroads Walkthrough2021-03-05 22:43:07
Machine can be download here.Nmap scan ports, 80,139 and 445 are open.Port 80 is a static index.html, with nothing interesting. Gobuster scan port 80, we get robots.txt and note.txt, but nothing useful too.Move to smb. Smbclient with no usernam
HackMyVm Satori Walkthrough2021-03-05 20:41:52
Machine can be download here.Nmap scan ports. 21,22,80 three ports open.Ftp login as anonymous, find a mkv file with no use.Scan port 80, find index.html and stream.php.Open index.html, looks like a youtube downloader.Check source code of index.html,
HackMyVm Driftingblues5 Walkthrough2021-03-01 23:44:53
A not so easy machine made by tasiyanci, can be download here.Thanks tasiyanci for the hints.Nmap scan ports, 22 and 80.Open port 80, it's a wordpress site.Wpscan the site, found some usernames, but no vulnerable plugins.wpscan --url ht
《从0到1:CTFer的成长之道》1.3“任意文件读取漏洞”第3题2021-02-28 21:21:04
边学习边记录。首先推荐一篇介绍SSTI的好文章。按照官方指南,docker-compose下载并运行,访问本机5000商品,显示一个输入框。随便输入个123,显示N1 page页面,且123被输出了。在burpsuite中看一下,这是个post页面,其中的session是可以注入的,后面看到。点击article后,在bp中随便输入后,可以爆出路径。这个参数带有LFI漏洞。尝试不同输入,/proc/self/environ查看环境变量,爆出服务器路径为/home/sssssserver。Serve
HackMyVm Speed Walkthrough2021-02-18 23:25:57
Another interesting machine from HackMyVm, can be download here.Nmap scan ports, find 22,80,7080 and 8088.Port 80 is a service named "sar2html".Port 7080 is OpenLiteSpeed Control Panel.Port 8088 is a sample site of OpenLiteSpeed.Search the
HackMyVm Talk Walkthrough2021-02-18 22:35:20
Easy one, can be download here.Following is a very simple walkthrough.Scan ports, find 22 and 80. Open Port 80, a chat service.Username has sql injection. So burpsuite capture the post data, and use sqlmap to dump databases.(User temp is regist
HackMyVm Orasi Walkthrough(SSTI, ELF analysis, APK analysis)2021-02-17 13:59:47
Machine can be download here.Nmap scan ports, 4 ports open.Anonymous login ftp, get a file named "url".Download "url", check filetype, a ELF file.Use "strings" cmd to check useful strings, get nothing but a hint.Check th
HackMyVm Gigachad Walkthrough2021-02-12 11:13:19
Happy Chinese New Year for all CTFers!Machines can be download here.Nmap scan ports.Login ftp as anonymous, get a file.Check file type, it's a zip. Unzip it, get a usrname "chad", and an png file.Check the image, a beautiful building.Fo
HackMyVm Hash Walkthrough(php magic hashes, .Xauthority)2021-02-08 08:06:39
Very interesting machine from HackMyVm, can be download here.Nmap scan ports.Check source code of index.html.Add ".bak" to the extension and scan files of port 80.Download check.bak and check source code.<?php
// Login part.
- 搜索
- 最新留言
-
- 大哥牛,前面轻轻松松后面死活拿不到rootshell。这反编译看懵逼了
- 老哥,我想看samrasa的
- 老哥你好,在你写的书.net加密与解密中看到有#-流相关的, 让读者需要详细了解可查, 但是最近一直查不到详细文档, 只在github的dnlib等代码能看到些逻辑, 但是不系统. 想来书中既然说需要详细了解可自己查,应该是有些方法的, 能否请简单说几个搜索关键词,谢谢 (我查过 uncompress stream , enc 等,结果都很简单)
- 好滴 多谢
- 你在hackmyvm里找个栏目嚷一嗓子,或者搜索Darkmatter已经拿到root的随便谁都可以问。这个vm中间有一个地方没法过,基本上都是作者告知密码才过的。
- 你的discord的username和tag是多少呀?多谢
- 过程太曲折,不准备写了,可在discord联系
- 老哥,有空hackmyvm的darkmatter写个writeup呗。多谢。
- 当前用户必须是kori,然后用sodu cp把apk文件从irida/里面复制出来,再下载。这个机器我已经删除了,所以很多细节想不起来。你可以在discord频道里问问其他人。
- 提示权限不够 用python3 -m http.server,然后wget也是提示权限不够
- 文章归档
Powered By Z-BlogPHP 1.7.3