vulnhub—GOLDENEYE: 1
呜呜呜别做这个靶场,2018年的太老了,而且我做的时候有一些bug
vulnhub靶场——GOLDENEYE: 1 渗透记录
About
Download (Mirror): https://download.vulnhub.com/goldeneye/GoldenEye-v1.ova
- DHCP service: Enabled
- IP address: Automatically assign
Description
I recently got done creating an OSCP type vulnerable machine that’s themed after the great James Bond film (and even better n64 game) GoldenEye. The goal is to get root and capture the secret GoldenEye codes - flag.txt.
I’d rate it as Intermediate, it has a good variety of techniques needed to get root - no exploit development/buffer overflows. After completing the OSCP I think this would be a great one to practice on, plus there’s a hint of CTF flavor.
I’ve created and validated on VMware and VirtualBox. You won’t need any extra tools other than what’s on Kali by default. Will need to be setup as Host-Only, and on VMware you may need to click “retry” if prompted, upon initially starting it up because of formatting.
一、信息搜集
fscan扫出虚拟机分配的IP:192.168.24.128
goby
nmap
二、网站渗透
http://192.168.24.128/sev-home/是登陆界面,什么都没有所以尝试爆破,没爆出来,再回去看源码,有静态js:/terminal.j