TryHackme之Vulnversity提权攻略
作者:互联网
首先用NMAP工具扫描目标:
# nmap -sV 10.10.66.138 Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-22 06:43 EDT Nmap scan report for 10.10.66.138 Host is up (0.26s latency). Not shown: 994 closed tcp ports (reset) PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.7 (Ubuntu Linux; protocol 2.0) 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) 445/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP) 3128/tcp open http-proxy Squid http proxy 3.5.12 3333/tcp open http Apache httpd 2.4.18 ((Ubuntu)) Service Info: Host: VULNUNIVERSITY; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 40.94 seconds
根据题目描述,接下来需要用gobuster工具扫描网站的目录:
(root标签:bin,http,service,66.138,提权,usr,Vulnversity,root,TryHackme 来源: https://www.cnblogs.com/jason-huawen/p/16180270.html