OWASP Juice Shop Study, Part 2: Active Reconnaissance 2

Stage 3: Targeted scanning (continued)

Scanning the web service with nikto

[root@192 program]# ./nikto.pl -h 192.168.31.202
- ***** SSL support not available (see docs for SSL install) *****
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          192.168.31.202
+ Target Hostname:    192.168.31.202
+ Target Port:        80
+ Start Time:         2022-04-16 08:11:57 (GMT-7)
---------------------------------------------------------------------------
+ Server: No banner retrieved
+ Retrieved access-control-allow-origin header: *
+ No CGI Directories found (use '-C all' to force check all possible dirs)
line: /ftp/
+ Entry '/ftp/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ "robots.txt" contains 1 entry which should be manually viewed.
+ /database.cer: Potentially interesting backup/cert file found. 
+ /192_168_31_202.tgz: Potentially interesting backup/cert file found. 
+ /192.168.alz: Potentially interesting backup/cert file found. 
+ /19216831202.tar.bz2: Potentially interesting backup/cert file found. 
+ /202.tgz: Potentially interesting backup/cert file found. 
+ /192168.jks: Potentially interesting backup/cert file found. 
+ /192.168.egg: Potentially interesting backup/cert file found. 
+ /dump.war: Potentially interesting backup/cert file found. 
+ /archive.egg: Potentially interesting backup/cert file found. 
+ /backup.alz: Potentially interesting backup/cert file found. 
+ /database.egg: Potentially interesting backup/cert file found. 
+ /site.tar.lzma: Potentially interesting backup/cert file found. 
+ /31.cer: Potentially interesting backup/cert file found. 
+ /202.pem: Potentially interesting backup/cert file found. 
+ /192_168_31_202.tar.bz2: Potentially interesting backup/cert file found. 
+ /backup.jks: Potentially interesting backup/cert file found. 
+ /192.168.31.jks: Potentially interesting backup/cert file found. 
+ /site.tar.bz2: Potentially interesting backup/cert file found. 
+ /19216831202.alz: Potentially interesting backup/cert file found. 
+ /192.cer: Potentially interesting backup/cert file found. 
+ /192_168_31_202.jks: Potentially interesting backup/cert file found. 
+ /202.jks: Potentially interesting backup/cert file found. 
+ /19216831.tar.lzma: Potentially interesting backup/cert file found. 
+ /site.war: Potentially interesting backup/cert file found. 
+ /19216831.tar.bz2: Potentially interesting backup/cert file found. 
+ /192168.pem: Potentially interesting backup/cert file found. 
+ /168.egg: Potentially interesting backup/cert file found. 
+ /202.tar: Potentially interesting backup/cert file found. 
+ /backup.tar: Potentially interesting backup/cert file found. 
+ /168.tgz: Potentially interesting backup/cert file found. 
+ /archive.alz: Potentially interesting backup/cert file found. 
+ /backup.tar.lzma: Potentially interesting backup/cert file found. 
+ /192.168.31.tar.lzma: Potentially interesting backup/cert file found. 
+ /database.tgz: Potentially interesting backup/cert file found. 
+ /192.168.31.alz: Potentially interesting backup/cert file found. 
+ /192.168.31.202.tar.bz2: Potentially interesting backup/cert file found. 
+ /192_168_31_202.pem: Potentially interesting backup/cert file found. 
+ /database.tar.lzma: Potentially interesting backup/cert file found. 
+ /192.168.31.war: Potentially interesting backup/cert file found. 
+ /19216831.war: Potentially interesting backup/cert file found. 
+ /192_168_31_202.cer: Potentially interesting backup/cert file found. 
+ /192168.tgz: Potentially interesting backup/cert file found. 
+ /19216831.tar: Potentially interesting backup/cert file found. 
+ /19216831.egg: Potentially interesting backup/cert file found. 
+ /192.168.31.202.tar.lzma: Potentially interesting backup/cert file found. 
+ /dump.tgz: Potentially interesting backup/cert file found. 
+ /202.cer: Potentially interesting backup/cert file found. 
+ /dump.cer: Potentially interesting backup/cert file found. 
+ /192168.egg: Potentially interesting backup/cert file found. 
+ /19216831.pem: Potentially interesting backup/cert file found. 
+ /database.alz: Potentially interesting backup/cert file found. 
+ /192.168.31.202.war: Potentially interesting backup/cert file found. 
+ /31.tgz: Potentially interesting backup/cert file found. 
+ /31.pem: Potentially interesting backup/cert file found. 
+ /192168.tar.bz2: Potentially interesting backup/cert file found. 
+ /202.egg: Potentially interesting backup/cert file found. 
+ /31.tar.bz2: Potentially interesting backup/cert file found. 
+ /archive.tar.lzma: Potentially interesting backup/cert file found. 
+ /192_168_31_202.egg: Potentially interesting backup/cert file found. 
+ /backup.tgz: Potentially interesting backup/cert file found. 
+ /31.tar.lzma: Potentially interesting backup/cert file found. 
+ /168.pem: Potentially interesting backup/cert file found. 
+ /192.168.31.pem: Potentially interesting backup/cert file found. 
+ /dump.tar: Potentially interesting backup/cert file found. 
+ /192.168.31.tgz: Potentially interesting backup/cert file found. 
+ /31.jks: Potentially interesting backup/cert file found. 
+ /192.168.31.202.tgz: Potentially interesting backup/cert file found. 
+ /19216831202.egg: Potentially interesting backup/cert file found. 
+ /31.war: Potentially interesting backup/cert file found. 
+ /192.jks: Potentially interesting backup/cert file found. 
+ /backup.cer: Potentially interesting backup/cert file found. 
+ /192.pem: Potentially interesting backup/cert file found. 
+ /192168.war: Potentially interesting backup/cert file found. 
+ /31.egg: Potentially interesting backup/cert file found. 
+ /site.jks: Potentially interesting backup/cert file found. 
+ /202.tar.bz2: Potentially interesting backup/cert file found. 
+ /192.tar: Potentially interesting backup/cert file found. 
+ /19216831.jks: Potentially interesting backup/cert file found. 
+ /168.cer: Potentially interesting backup/cert file found. 
+ /168.war: Potentially interesting backup/cert file found. 
+ /31.alz: Potentially interesting backup/cert file found. 
+ /database.tar.bz2: Potentially interesting backup/cert file found. 
+ /backup.tar.bz2: Potentially interesting backup/cert file found. 
+ /168.alz: Potentially interesting backup/cert file found. 
+ /192.168.31.202.tar: Potentially interesting backup/cert file found. 
+ /19216831.alz: Potentially interesting backup/cert file found. 
+ /archive.tar.bz2: Potentially interesting backup/cert file found. 
+ /168.jks: Potentially interesting backup/cert file found. 
+ /backup.war: Potentially interesting backup/cert file found. 
+ /site.pem: Potentially interesting backup/cert file found. 
+ /dump.alz: Potentially interesting backup/cert file found. 
+ /192.168.war: Potentially interesting backup/cert file found. 
+ /19216831202.tar: Potentially interesting backup/cert file found. 
+ /backup.egg: Potentially interesting backup/cert file found. 
+ /192.168.31.202.egg: Potentially interesting backup/cert file found. 
+ /19216831.cer: Potentially interesting backup/cert file found. 
+ /dump.tar.lzma: Potentially interesting backup/cert file found. 
+ /archive.cer: Potentially interesting backup/cert file found. 
+ /database.jks: Potentially interesting backup/cert file found. 
+ /202.war: Potentially interesting backup/cert file found. 
+ /database.pem: Potentially interesting backup/cert file found. 
+ /192_168_31_202.tar.lzma: Potentially interesting backup/cert file found. 
+ /192.alz: Potentially interesting backup/cert file found. 
+ /192_168_31_202.tar: Potentially interesting backup/cert file found. 
+ /192168.cer: Potentially interesting backup/cert file found. 
+ /19216831.tgz: Potentially interesting backup/cert file found. 
+ /site.cer: Potentially interesting backup/cert file found. 
+ /dump.egg: Potentially interesting backup/cert file found. 
+ /192.egg: Potentially interesting backup/cert file found. 
+ /192.war: Potentially interesting backup/cert file found. 
+ /192168.tar: Potentially interesting backup/cert file found. 
+ /dump.jks: Potentially interesting backup/cert file found. 
+ /192.tar.bz2: Potentially interesting backup/cert file found. 
+ /192_168_31_202.war: Potentially interesting backup/cert file found. 
+ /202.tar.lzma: Potentially interesting backup/cert file found. 
+ /192.tgz: Potentially interesting backup/cert file found. 
+ /19216831202.jks: Potentially interesting backup/cert file found. 
+ /19216831202.tar.lzma: Potentially interesting backup/cert file found. 
+ /archive.tar: Potentially interesting backup/cert file found. 
+ /192.168.tar: Potentially interesting backup/cert file found. 
+ /site.tgz: Potentially interesting backup/cert file found. 
+ /site.egg: Potentially interesting backup/cert file found. 
+ /192.168.jks: Potentially interesting backup/cert file found. 
+ /192.168.31.202.pem: Potentially interesting backup/cert file found. 
+ /19216831202.cer: Potentially interesting backup/cert file found. 
+ /31.tar: Potentially interesting backup/cert file found. 
+ /19216831202.pem: Potentially interesting backup/cert file found. 
+ /192.168.31.tar: Potentially interesting backup/cert file found. 
+ /192_168_31_202.alz: Potentially interesting backup/cert file found. 
+ /dump.tar.bz2: Potentially interesting backup/cert file found. 
+ /192.168.31.egg: Potentially interesting backup/cert file found. 
+ /192168.alz: Potentially interesting backup/cert file found. 
+ /archive.pem: Potentially interesting backup/cert file found. 
+ /168.tar.bz2: Potentially interesting backup/cert file found. 
+ /backup.pem: Potentially interesting backup/cert file found. 
+ /archive.tgz: Potentially interesting backup/cert file found. 
+ /192168.tar.lzma: Potentially interesting backup/cert file found. 
+ /19216831202.tgz: Potentially interesting backup/cert file found. 
+ /192.tar.lzma: Potentially interesting backup/cert file found. 
+ /archive.jks: Potentially interesting backup/cert file found. 
+ /dump.pem: Potentially interesting backup/cert file found. 
+ /202.alz: Potentially interesting backup/cert file found. 
+ /site.alz: Potentially interesting backup/cert file found. 
+ /192.168.31.tar.bz2: Potentially interesting backup/cert file found. 
+ /192.168.31.202.cer: Potentially interesting backup/cert file found. 
+ /archive.war: Potentially interesting backup/cert file found. 
+ /192.168.tar.bz2: Potentially interesting backup/cert file found. 
+ /192.168.cer: Potentially interesting backup/cert file found. 
+ /192.168.tgz: Potentially interesting backup/cert file found. 
+ /192.168.31.202.jks: Potentially interesting backup/cert file found. 
+ /192.168.31.202.alz: Potentially interesting backup/cert file found. 
+ /192.168.31.cer: Potentially interesting backup/cert file found. 
+ /site.tar: Potentially interesting backup/cert file found. 
+ /database.war: Potentially interesting backup/cert file found. 
+ /168.tar: Potentially interesting backup/cert file found. 
+ /database.tar: Potentially interesting backup/cert file found. 
+ /19216831202.war: Potentially interesting backup/cert file found. 
+ /192.168.pem: Potentially interesting backup/cert file found. 
+ /192.168.tar.lzma: Potentially interesting backup/cert file found. 
+ /168.tar.lzma: Potentially interesting backup/cert file found. 
+ OSVDB-3092: /ftp/: This might be interesting.
+ OSVDB-3092: /public/: This might be interesting.
+ /wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI, see https://security.dxw.com/advisories/directory-traversal-in-nextgen-gallery-2-0-0/
+ /wordpress/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php: NextGEN Gallery LFI, see https://security.dxw.com/advisories/directory-traversal-in-nextgen-gallery-2-0-0/
+ ERROR: Error limit (20) reached for host, giving up. Last error: 
+ SCAN TERMINATED:  2 error(s) and 167 item(s) reported on remote host
+ End Time:           2022-04-16 08:13:52 (GMT-7) (115 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested

Analysis of the scan results:
OSVDB-3092: /ftp/: This might be interesting.
OSVDB-3092: /public/: This might be interesting.
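A report like the one above is easier to read once findings that share one identical message are collapsed, because a message repeated across many guessed filenames should be verified by hand before each path is treated as a real file. The following is an added example, not part of the original post: the sample lines are constructed in the format of the report above, and `triage` and its `bulk_threshold` parameter are hypothetical names chosen for illustration.

```python
import re
from collections import Counter

# Constructed sample: a few lines in the format of the nikto report above.
SAMPLE = """\
+ Server: No banner retrieved
+ Retrieved access-control-allow-origin header: *
+ Entry '/ftp/' in robots.txt returned a non-forbidden or redirect HTTP code (200)
+ /database.cer: Potentially interesting backup/cert file found.
+ /202.tgz: Potentially interesting backup/cert file found.
+ /site.tar.bz2: Potentially interesting backup/cert file found.
+ /dump.war: Potentially interesting backup/cert file found.
+ OSVDB-3092: /ftp/: This might be interesting.
+ OSVDB-3092: /public/: This might be interesting.
+ SCAN TERMINATED:  2 error(s) and 167 item(s) reported on remote host
"""

# Matches "+ [OSVDB-n: ]/path: message"; header and status lines do not match.
FINDING = re.compile(r"^\+ (?:(OSVDB-\d+): )?(/\S*): (.+?)\s*$")

def parse(report):
    """Return (osvdb_id_or_None, path, message) for every path finding."""
    out = []
    for line in report.splitlines():
        m = FINDING.match(line)
        if m:
            out.append(m.groups())
    return out

def triage(report, bulk_threshold=3):
    """Split findings into bulk groups (one message repeated) and the rest.

    bulk_threshold is an assumed cut-off: a message seen at least this many
    times is reported once with its count instead of once per path.
    """
    findings = parse(report)
    counts = Counter(msg for _, _, msg in findings)
    bulk = {msg: n for msg, n in counts.items() if n >= bulk_threshold}
    review = [(ref, path, msg) for ref, path, msg in findings if msg not in bulk]
    return bulk, review

if __name__ == "__main__":
    bulk, review = triage(SAMPLE)
    for msg, n in bulk.items():
        print(f"{n:4d} x {msg}  (verify a sample by hand)")
    for ref, path, msg in review:
        print(f"review: {path}  [{ref or 'no ref'}] {msg}")
```
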

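/ftp directory
Visit /ftp in a browser to unlock the "Confidential Document" achievement (difficulty: 1 star).

/backup/cert directory
Visit /backup/cert in a browser to unlock the "Error Handling" achievement (difficulty: 1 star).

score-board

Using the browser developer tools

In Chrome, press F12 to open the developer tools and visit http://192.168.31.202/. Click Network -> All -> application-configuration -> Preview, then expand securityTxt -> acknowledgements in the JSON to find the hidden page "/#/score-board".
Score board
In Chrome, with the developer tools open (F12), visit http://192.168.31.202/#/score-board to display the score board page.
This unlocks the "Score Board" achievement (difficulty: 1 star).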
