Target VM download
Network: NAT
arp-scan -l
nmap -p 1-65535 -A 192.168.194.157
Browse to the HTTP service
dirb http://192.168.194.157
Run dirb again with an extension filter
dirb http://192.168.194.157 -X .txt,.php,.zip
fuzz
location.txt
page of php :
- http://192.168.194.157/image.php
- http://192.168.194.157/index.php
Enumerate users with wpscan
wpscan --url http://192.168.194.157/wordpress/ --enumerate u
This yields the user victor
Use wfuzz, which ships with Kali
wfuzz -w /usr/share/wfuzz/wordlist/general/common.txt http://192.168.194.157/index.php?FUZZ