Vulnhub系列:DC-2
环境准备:
DC-2靶机
Kali linux
Vmware或vm box
工具:
nmap,
wpscan
cewl
流程:
Nmap进行信息收集
进入页面发现是WordPress,寻找漏洞利用,但需要密码,找到flag1
Cewl生成密码字典
WordPress可以用wpscan扫出安全漏洞数量和用户名加爆破密码
登录网站,找到flag2
然后就通过ssh连接,找到flag3
绕过rbash,找到flag4
用git提权。找到最后的flag
Description
Much like DC-1, DC-2 is another purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing.
As with the original DC-1, it’s designed with beginners in mind.
Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools.
Just like with DC-1, there are five flags including the final flag.
And again, just like with DC-1, the flags are important for beginners, but not so important for those who have experience.
In shor