TryHackme之Vulnversity提权攻略

首先用NMAP工具扫描目标：

# nmap -sV 10.10.66.138
Starting Nmap 7.92 ( https://nmap.org ) at 2022-04-22 06:43 EDT
Nmap scan report for 10.10.66.138
Host is up (0.26s latency).
Not shown: 994 closed tcp ports (reset)
PORT     STATE SERVICE     VERSION
21/tcp   open  ftp         vsftpd 3.0.3
22/tcp   open  ssh         OpenSSH 7.2p2 Ubuntu 4ubuntu2.7 (Ubuntu Linux; protocol 2.0)
139/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
3128/tcp open  http-proxy  Squid http proxy 3.5.12
3333/tcp open  http        Apache httpd 2.4.18 ((Ubuntu))
Service Info: Host: VULNUNIVERSITY; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 40.94 seconds

根据题目描述，接下来需要用gobuster工具扫描网站的目录：

(root
标签：bin,http,service,66.138,提权,usr,Vulnversity,root,TryHackme	

来源： https://www.cnblogs.com/jason-huawen/p/16180270.html