Target Practice Log (43): THMEnterprise
Port scan
sudo nmap --min-rate 10000 -p- 10.10.181.211
[sudo] mikannse 的密码:
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-19 00:01 CST
Warning: 10.10.181.211 giving up on port because retransmission cap hit (10).
Nmap scan report for 10.10.181.211
Host is up (0.22s latency).
Not shown: 65306 closed tcp ports (reset), 200 filtered tcp ports (no-response)
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
135/tcp open msrpc
139/tcp open netbios-s ...
Target Practice Log (42): THMPythonPlayground
Port scan
sudo nmap --min-rate 10000 -p- 10.10.144.20
[sudo] mikannse 的密码:
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-17 13:55 CST
Nmap scan report for 10.10.144.20
Host is up (0.25s latency).
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
sudo nmap -sT -sV -sC -O -p22,80 10.10.144.20
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-17 13:56 CST
Nmap scan report for 10.10.144.20
Host is up (0.22s latency).
PORT STATE SERVICE VERSION
22/tcp open ssh ...
Target Practice Log (41): THMJack
Port scan
sudo nmap --min-rate 10000 -p- 10.10.194.143
[sudo] mikannse 的密码:
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-16 20:55 CST
Warning: 10.10.194.143 giving up on port because retransmission cap hit (10).
Nmap scan report for 10.10.194.143
Host is up (0.23s latency).
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
sudo nmap -sT -sV -sC -O -p22,80 10.10.194.143
[sudo] mikannse 的密码:
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-1 ...
Target Practice Log (40): THMDifferentCtf
Port scan
sudo nmap --min-rate 10000 -p- 10.10.35.124
[sudo] mikannse 的密码:
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-15 11:18 CST
Nmap scan report for 10.10.35.124
Host is up (0.22s latency).
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
sudo nmap -sT -sV -sC -O -p21,80 10.10.35.124
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-15 11:20 CST
Nmap scan report for 10.10.35.124
Host is up (0.21s latency).
PORT STATE SERVICE VERSIO ...
Target Practice Log (39): THMSeasurfer
Port scan
sudo nmap --min-rate 10000 -p- 10.10.145.77
[sudo] mikannse 的密码:
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-13 23:55 CST
Nmap scan report for 10.10.145.77
Host is up (0.25s latency).
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
sudo nmap -sT -sV -sC -O -p22,80 10.10.145.77
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-13 23:58 CST
Nmap scan report for 10.10.145.77
Host is up (0.23s latency).
PORT STATE SERVICE VERSION
22/tc ...
Target Practice Log (38): VulnhubMidnight
Host discovery
sudo nmap -sn 192.168.162.0/24
Port scan
sudo nmap --min-rate 10000 -p- 192.168.162.147
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-09 11:24 CST
Nmap scan report for 192.168.162.147
Host is up (0.00046s latency).
Not shown: 65532 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
3306/tcp open mysql
MAC Address: 00:0C:29:2C:C9:48 (VMware)
sudo nmap -sT -sV -sC -O -p22,80,3306 192.168.162.147
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-09 11:25 CST
Nmap ...
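CVE-2016-4437 Shiro Deserialization Vulnerability Reproduction
Goal
Reproduce the CVE-2016-4437 Shiro deserialization vulnerability.
Environment setup
Set up vulhub with docker in a CentOS virtual machine: download the archive, then unzip it.
https://github.com/vulhub/vulhub/archive/master.zip
cd vulhub-master/shiro/CVE-2016-4437
sudo docker compose up -d
Reproduction
The service listens on port 8080 by default; visit http://ip:8080 in a browser.
There is a login form. Log in and capture the request, send it to Repeater, and change the Cookie to rememberMe=1. If the response contains rememberMe=deleteMe after sending, this confirms that the site is built on Apache Shiro.
https://pan.baidu.com/s/1kvQEMrMP-PZ4K1eGwAP0_Q?pwd=zbgp
Use the shiroattack automation tool. Remember to launch it from the command line; opening it via right-click causes some problems. Enter the URL, brute-force the key, then the gadget chain. If everything works, command execution is then possible.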
Target Practice Log (37): VulnhubHealthCheck
Host discovery
sudo nmap -sn 192.168.162.0/24
Port scan
sudo nmap --min-rate 10000 -p- 192.168.162.146
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-08 21:26 CST
Nmap scan report for 192.168.162.146
Host is up (0.00055s latency).
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
MAC Address: 00:0C:29:92:2A:A9 (VMware)
sudo nmap -sT -sV -sC -O -p21,80 192.168.162.146
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-08 21:26 CST
Nmap scan report for 192.168.162.146
Ho ...
Target Practice Log (36): VulnhubPyexpvm
Host discovery
sudo nmap -sn 192.168.162.0/24
Port scan
sudo nmap --min-rate 10000 -p- 192.168.162.144
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-05 21:04 CST
Nmap scan report for 192.168.162.144
Host is up (0.00079s latency).
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE
1337/tcp open waste
3306/tcp open mysql
MAC Address: 00:0C:29:7C:45:00 (VMware)
sudo nmap -sT -sV -sC -O -p1337,3306 192.168.162.144
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-05 21:04 CST
Nmap scan report for 1 ...
Target Practice Log (35): VulnhubHackme2
Host discovery
sudo nmap -sn 192.168.162.0/24
Port scan
sudo nmap --min-rate 10000 -p- 192.168.162.143
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-03 21:51 CST
Nmap scan report for 192.168.162.143
Host is up (0.00060s latency).
Not shown: 65533 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
MAC Address: 00:0C:29:39:48:43 (VMware)
sudo nmap -sT -sV -sC -O -p22,80 192.168.162.143
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-03 21:52 CST
Nmap scan report for 192.168.16 ...
Target Practice Log (34): VulnhubTomato
Host discovery
sudo nmap -sn 192.168.162.0/24
Port scan
sudo nmap --min-rate 10000 -p- 192.168.162.142
Starting Nmap 7.94 ( https://nmap.org ) at 2023-09-01 16:56 CST
Nmap scan report for 192.168.162.142
Host is up (0.00050s latency).
Not shown: 65531 closed tcp ports (reset)
PORT STATE SERVICE
21/tcp open ftp
80/tcp open http
2211/tcp open emwin
8888/tcp open sun-answerbook
MAC Address: 00:0C:29:03:AB:DC (VMware)
sudo nmap -sT -sV -sC -O -p21,80,2211,8888 192.168.162.142
Starting Nmap 7.94 ( https://nmap.or ...
Deploying gzctf on a Single Cloud Server
Install docker-compose
sudo curl -L "https://github.com/docker/compose/releases/download/v2.2.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
mkdir gzctf && cd gzctf
Following https://docs.ctf.gzti.me/quick-start, create appsettings.json and docker-compose.yml.
The administrator account password must be more than 6 characters long.
In docker-compose.yml, delete the k8s line.
{ "AllowedHosts": "*", "ConnectionStrings": { "Database": "Host=db:54 ...