0x01 部署
靶机地址:
DESCRIPTION
DC-4 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.
Unlike the previous DC releases, this one is designed primarily for beginners/intermediates. There is only one flag, but technically, multiple entry points and just like last time, no clues.
Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools.
For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward.
只有一个flag
0x02 信息收集
靶机使用vmware部署,NAT模式
nmap扫描网段
nmap -sP 192.168.190.0/24
发现靶机IP:192.168.190.139,继续扫描
nmap -T5 -A -v -p- 192.168.190.139
结果:
Starting Nmap 7.91 ( https://nmap.org ) at 2021-09-26 14:27 CST
NSE: Loaded 153