![[Meachines] [Easy] Safe BOF+ROP链+.data节区注入BOF+函数跳转…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/d1d43ebd914cc7b2bbfafffb4e3f75-400x280-c.jpg "[Meachines] [Easy] Safe BOF+ROP链+.data节区注入BOF+函数跳转…缩略图")
信息收集IP AddressOpening Ports10.10.10.147TCP:22,80,1337$ nmap -p- 10.10.10.147 --min-rate 10…
![[Meachines] [Easy] Devel FTP匿名访问文件上传+MS10-015权限提升缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/454af9375979557fa57f6763a55300-400x280-c.jpg "[Meachines] [Easy] Devel FTP匿名访问文件上传+MS10-015权限提升缩略图")
信息收集IP AddressOpening Ports10.10.10.5TCP:21,80$ nmap -p- 10.10.10.5 --min-rate 1000 -sC -s…
![[Meachines] [Medium] Chatterbox AChat 缓冲区溢出 + MSF自…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/28d6a6d5f64704e5e35fd8610ec1c1-400x280-c.jpg "[Meachines] [Medium] Chatterbox AChat 缓冲区溢出 + MSF自…缩略图")
信息收集IP AddressOpening Ports10.10.10.74TCP:135,139,445,9255,9256$ nmap -p- 10.10.10.74 --mi…
![[Meachines] [Medium] Silo Oracle DB读写执行文件+Oracle D…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/a34b399d444bfebdd1802bb5c44265-400x280-c.jpg "[Meachines] [Medium] Silo Oracle DB读写执行文件+Oracle D…缩略图")
信息收集IP AddressOpening Ports10.10.10.82TCP:80,135,139,445,1521,49152,49153,49154,49155,4915…
![[Meachines] [Hard] Conceal SNMP配置不当PSK泄露+IPSec-IKE…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/f68c96c38b22304f84cd85c699ab3b-400x280-c.jpg "[Meachines] [Hard] Conceal SNMP配置不当PSK泄露+IPSec-IKE…缩略图")
信息收集IP AddressOpening Ports10.10.10.116UDP:161,500$ sudo nmap -sU -sC --top-ports 20 10.10…
![[Meachines] [Easy] Buff Gym-CMS-RCE+Chisel端口转发+Clo…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/26f3432e9076859746c1d3a43e6e00-400x280-c.jpg "[Meachines] [Easy] Buff Gym-CMS-RCE+Chisel端口转发+Clo…缩略图")
信息收集IP AddressOpening Ports10.10.10.198TCP:7680,8080$ nmap -p- 10.10.10.198 --min-rate 100…
![[Meachines] [Easy] Forest AS-REP+TGT +WinRM +DCSyn…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/ff85dc8ba13c50ed7ccaa988b727df-400x280-c.jpg "[Meachines] [Easy] Forest AS-REP+TGT +WinRM +DCSyn…缩略图")
信息收集IP AddressOpening Ports10.10.10.161TCP:53/tcp, 88/tcp, 135/tcp, 139/tcp, 389/tcp, 445/…
![[Meachines] [Easy] BoardLight Dolibarr17.0.0-RCE+E…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/d8a06cc70b57cd01ccbeb6b4d63118-400x280-c.jpg "[Meachines] [Easy] BoardLight Dolibarr17.0.0-RCE+E…缩略图")
信息收集IP AddressOpening Ports10.10.11.11TCP:22,80$ nmap -p- 10.10.11.11 --min-rate 1000 -sC …
![[Meachines] [Easy] grandpa IIS 6.0+CVE-2017-7269+M…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/db1f4ec1458ce001e0afa73b2d8e05-400x280-c.jpg "[Meachines] [Easy] grandpa IIS 6.0+CVE-2017-7269+M…缩略图")
信息收集IP AddressOpening Ports10.10.10.14TCP:80$ nmap -p- 10.10.10.14 --min-rate 1000 -sC -sV…
![[Meachines] [Easy] granny IIS 6.0+CVE-2017-7269+进程…缩略图](https://www.4awl.net/wp-content/cache/thumbnails/2024/09/fa5971226279ba7f02d16717846cc5-400x280-c.jpg "[Meachines] [Easy] granny IIS 6.0+CVE-2017-7269+进程…缩略图")
信息收集IP AddressOpening Ports10.10.10.15TCP:80$ nmap -p- 10.10.10.15 --min-rate 1000 -sC -sV…