VulnHub靶场系列：Flick

最新推荐文章于 2024-07-15 16:42:50 发布

快吃小蛋糕吧

最新推荐文章于 2024-07-15 16:42:50 发布

阅读量1.2k

点赞数

分类专栏：网络安全 web 文章标签：安全

本文链接：https://blog.csdn.net/qq_40549070/article/details/108909880

版权

VulnHub靶场系列：Flick

今天意外看到一个VulnHub上的一个靶场的WriteUp，觉得挺有意思，所以自己试着做一遍并记录下来。

环境部署：

下载靶场并导入到VMware中：

https://download.vulnhub.com/flick/flick.tar.gz

实战：

首先使用工具扫描整个网段得到靶机IP：

fping -g 192.168.142.0/24

得到靶机IP后使用Nmap工具检测服务器开放端口：

nmap -sV -p1-65535 192.168.142.35

这里发现服务器开启了22，8881端口。

root@kali:/# nmap -sV -p1-65535 192.168.142.35
Starting Nmap 7.80 ( https://nmap.org ) at 2020-10-02 17:26 CST
Nmap scan report for 192.168.142.35
Host is up (0.00081s latency).
Not shown: 65533 closed ports
PORT     STATE SERVICE   VERSION
22/tcp   open  ssh       OpenSSH 5.9p1 Debian 5ubuntu1.1 (Ubuntu Linux; protocol 2.0)
8881/tcp open  galaxy4d?
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port8881-TCP:V=7.80%I=7%D=10/2%Time=5F76F239%P=x86_64-pc-linux-gnu%r(NU
SF:LL,5F,"Welcome\x20to\x20the\x20admin\x20server\.\x20A\x20correct\x20pas
SF:sword\x20will\x20'flick'\x20the\x20switch\x20and\x20open\x20a\x20new\x2
SF:0door:\n>\x20")%r(GetRequest,78,"Welcome\x20to\x20the\x20admin\x20serve
SF:r\.\x20A\x20correct\x20password\x20will\x20'flick'\x20the\x20switch\x20
SF:and\x20open\x20a\x20new\x20door:\n>\x20OK:\x20GET\x20/\x20HTTP/1\.0\r\n
SF:\r\n\n>\x20")%r(FourOhFourRequest,9B,"Welcome\x20to\x20the\x20admin\x20
SF:server\.\x20A\x20correct\x20password\x20will\x20'flick'\x20the\x20switc
SF:h\x20and\x20open\x20a\x20new\x20door:\n>\x20OK:\x20GET\x20/nice%20ports
SF:%2C/Tri%6Eity\.txt%2ebak\x20HTTP/1\.0\r\n\r\n\n>\x20")%r(GenericLines,6
SF:A,"Welcome\x20to\x20the\x20admin\x20server\.\x20A\x20correct\x20passwor
SF:d\x20will\x20'flick'\x20the\x20switch\x20and\x20open\x20a\x20new\x20doo
SF:r:\n>\x20OK:\x20\r\n\r\n\n>\x20")%r(HTTPOptions,7C,"Welcome\x20to\x20th
SF:e\x20admin\x20server\.\x20A\x20correct\x20password\x20will\x20'flick'\x
SF:20the\x20switch\x20and\x20open\x20a\x20new\x20door:\n>\x20OK:\x20OPTION
SF:S\x20/\x20HTTP/1\.0\r\n\r\n\n>\x20")%r(RTSPRequest,7C,"Welcome\x20to\x2
SF:0the\x20admin\x20server\.\x20A\x20correct\x20password\x20will\x20'flick
SF:'\x20the\x20switch\x20and\x20open\x20a\x20new\x20door:\n>\x20OK:\x20OPT
SF:IONS\x20/\x20RTSP/1\.0\r\n\r\n\n>\x20")%r(RPCCheck,92,"Welcome\x20to\x2
SF:0the\x20admin\x20server\.\x20A\x20correct\x20password\x20will\x20'flick
SF:'\x20the\x20switch\x20and\x20open\x20a\x20new\x20door:\n>\x20OK:\x20\x8
SF:0\0\0\(r\xfe\x1d\x13\0\0\0\0\0\0\0\x02\0\x01\x86\xa0\0\x01\x97\|\0\0\0\
SF:0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\n>\x20")%r(DNSVersionBindReqTCP,86,"W
SF:elcome\x20to\x20the\x20admin\x20server\.\x20A\x20correct\x20password\x2
SF:0will\x20'flick'\x20the\x20switch\x20and\x20open\x20a\x20new\x20door:\n
SF:>\x20OK:\x20\0\x1e\0\x06\x01\0\0\x01\0\0\0\0\0\0\x07version\x04bind\0\0
SF:\x10\0\x03\n>\x20")%r(DNSStatusRequestTCP,74,"Welcome\x20to\x20the\x20a
SF:dmin\x20server\.\x20A\x20correct\x20password\x20will\x20'flic

最低0.47元/天解锁文章

快吃小蛋糕吧

关注

0
点赞
踩
2

收藏

觉得还不错? 一键收藏
1
评论
VulnHub靶场系列：Flick

VulnHub靶场系列：Flick今天意外看到一个VulnHub上的一个靶场的WriteUp，觉得挺有意思，所以自己试着做一遍并记录下来。环境部署：下载靶场并导入到VMware中：https://download.vulnhub.com/flick/flick.tar.gz实战：首先使用工具扫描整个网段得到靶机IP：fping -g 192.168.142.0/24得到靶机IP后使用Nmap工具检测服务器开放端口：nmap -sV -p1-65535 192.168.142.35
复制链接

扫一扫