THM – Vulnerability Caspstone What is the name of the application running on the vulnerable machine? 先扫一下常规端口： 1 2 3 4 5 6 7 8 9 10 11 12 13 ┌──(v4ler1an㉿kali)-[~] └─$ sudo nmap -sV -T4 -Pn 10.10.217.113 Starting

Vulnhub Training – Hackme Knowledge sqlmap - SQL Injection Scanner webshell - php-reverse-shell.php 1. Environment Setup OVA Download Link：https://download.vulnhub.com/hackme/hackme.ova Just download it and run in vmware, the environment OS is ubunutu 18.04, so it work well in VMware. 2. Reconnaisence 1. IP Address scan ip: 1 2 3 4 5 6 7 8 9 10 11 12 ┌──(v4ler1an㉿kali)-[~/Documents/tools/proxy] └─$ sudo arp-scan -l [sudo] password for v4ler1an: Interface: eth0, type: EN10MB, MAC: 00:0c:29:9d:5b:9e, IPv4: 172.

Knowledge wpscan - WordPress Scanner hydra – ssh username and password brute force 1. Environment Setup 常规设置，如果使用vmware的话就需要配置一下网络。 2. Reconnaisence 1. IP Address arp-scan扫一下： 1 2 3 4 5 6 7 8 9 10

Vulnhub靶场练习 – Drippingblues Knowledge robots.txt - spider dined fcrackzip - zip password crack ffuf - url parameters fuzz polkit - CVE-2021-4034 privilege escalation 1. Environment Setup 靶机下载链接：drippingblues 这个环境直接用VMware没