![[Offsec Lab] ICMP Monitorr-RCE+hping3权限提升缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/10/e2943b563b032734b88431bd582b21-400x280-c.jpg "[Offsec Lab] ICMP Monitorr-RCE+hping3权限提升缩略图")
信息收集IP AddressOpening Ports192.168.52.218TCP:22,80$ nmap -p- 192.168.52.218 --min-rate 100…
![[Meachines] [Easy] Sea WonderCMS-XSS-RCE+System Mo…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/10/94931c60b24ef99f4ec3cab6db2c86-400x280-c.jpg "[Meachines] [Easy] Sea WonderCMS-XSS-RCE+System Mo…缩略图")
信息收集IP AddressOpening Ports10.10.11.28TCP:22,80$ nmap -p- 10.10.11.28 --min-rate 1000 -sC …
信息收集IP AddressOpening Ports10.10.10.192TCP:53, 88, 135/tcp, 389/tcp, 445/tcp, 593/tcp, 326…
0x00 前言:近期刷到的不错的ctf平台,权当看个乐。0x01 RE? :这道题考的有些许的偏门,首先下载附件,名为udf.so.(一大堆字符)。Udf为mysql 的一个扩展接…
![[Meachines] [Medium] Sniper RFI包含远程SMB+ powershell…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/ca45a690c4bee39327fae628aa8391-400x280-c.jpg "[Meachines] [Medium] Sniper RFI包含远程SMB+ powershell…缩略图")
信息收集IP AddressOpening Ports10.10.10.151TCP:80,135,139,445,49667$ nmap -p- 10.10.10.151 --m…
![[Meachines] [Medium] Querier XLSM宏+MSSQL NTLM哈希窃取(…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/b421a60698df149fb78f89585f7011-400x280-c.jpg "[Meachines] [Medium] Querier XLSM宏+MSSQL NTLM哈希窃取(…缩略图")
信息收集IP AddressOpening Ports10.10.10.125TCP:135, 139, 445, 1433, 5985, 47001, 49664, 49665,…
![[Meachines] [Medium] Jeeves Jenkins-RCE+KeePass-Cr…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/5b8d756637a993ab1d9a64d7d54a18-400x280-c.jpg "[Meachines] [Medium] Jeeves Jenkins-RCE+KeePass-Cr…缩略图")
信息收集IP AddressOpening Ports10.10.10.63TCP:80,135,445,50000$ nmap -p- 10.10.10.63 --min-rat…
![[Meachines] [Insane] Jail BOF+Socket Re-Use+NFS UI…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/f53cbd17d83ae5e1313b8357563c1a-400x280-c.jpg "[Meachines] [Insane] Jail BOF+Socket Re-Use+NFS UI…缩略图")
概要总的来说这个靶机局限性很强,流量出入口只能是22,2049,7411。无法在靶机建立反向shell到kali(root用户防火墙过滤策略)。你需要通过这个极其狭小的空间进行权限…
![[Meachines] [Hard] Falafel SQLMAP 登入页面盲注+文件截断上传+MC…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/c4644430151d8f5ec4216411cf74e2-400x280-c.jpg "[Meachines] [Hard] Falafel SQLMAP 登入页面盲注+文件截断上传+MC…缩略图")
信息收集IP AddressOpening Ports10.10.10.73TCP:22,80$ nmap -p- 10.10.10.73 --min-rate 1000 -sC …
![[Meachines] [Hard] Quick HTTP3(QUIC)+ESI-Injection…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/229e37e9b2bcc5b54de2caeb8263ed-400x280-c.jpg "[Meachines] [Hard] Quick HTTP3(QUIC)+ESI-Injection…缩略图")
信息收集IP AddressOpening Ports10.10.10.186TCP:22,9001$ nmap -p- 10.10.10.186 --min-rate 1000 …