信息侦察阶段
用dirb扫描发现以下信息
---- Entering directory: http://172.16.100.142/vendor/ ----
(!) WARNING: Directory IS LISTABLE. No need to scan it.
(Use mode ‘-w’ if you want to scan it anyway)
找到第一个flag
寻找PHPMailer 5.2.16 的exp
searchsploit phpmailer
拷贝exp到当前目录
利用40974.py