Warzone: 1 vulnhub walkthrough

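This article walks through the penetration test of the Warzone 1 virtual machine on Vulnhub. Starting from host discovery and port scanning, an encrypted file is found through the FTP service, and AES decryption is used to obtain the SSH login credentials. Next, privilege escalation is achieved by executing privileged commands through JavaScript, which finally yields root access and the flag.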

Warzone: 1


VM page: http://www.vulnhub.com/entry/warzone-1,589/

Description

  • Info : Created and Tested in Virtual Box, maybe you need to write code
  • Based on : Crypto
  • Scenario : You are trying to gain access to the enemy system
  • Mission : Your mission is to get the silver and the gold trophy (user.txt, root.txt)
  • Hints : java decompiler

Host discovery and port scanning

PORT     STATE SERVICE VERSION
21/tcp   open  ftp     vsftpd 3.0.3
22/tcp   open  ssh     OpenSSH 7.9p1 Debian 10+deb10u2 (protocol 2.0)
5000/tcp open  http    Werkzeug httpd 1.0.1 (Python 3.7.3)
Service Info: OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel

Service vulnerability testing and attack

Logging in to FTP as the anonymous user reveals two files.

kali@kali:~$ ftp 192.168.56.44
Connected to 192.168.56.44.
220 (vsFTPd 3.0.3)
Name (192.168.56.44:kali): anonymous
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
dr-xr-xr-x    2 ftp      ftp          4096 Oct 22 12:49 pub
226 Directory send OK.
ftp> cd pub
250 Directory successfully changed.
ftp> ls
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-r--r--r--    1 ftp      ftp            77 Oct 22 12:32 note.txt
-r--r--r--    1 ftp      ftp          5155 Oct 22 12:49 warzone-encrypt.jar
226 Directory send OK.
ftp> get note.txt
local: note.txt remote: note.txt
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for note.txt (77 bytes).
226 Transfer complete.
77 bytes received in 0.00 secs (16.2304 kB/s)
ftp> get warzone-encrypt.jar
local: warzone-encrypt.jar remote: warzone-encrypt.jar
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for warzone-encrypt.jar (5155 bytes).
226 Transfer complete.
5155 bytes received in 0.01 secs (883.6545 kB/s)

kali@kali:~$ cat note.txt 
Attention, please encrypt always your password using the warz
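
The exposure that the FTP session above relies on can be checked from the defender's side. The following Python sketch is an added example, not part of the original post: `audit_anonymous_ftp` and `ConstructedFTP` are hypothetical names, and the stand-in class replays the directory listing from the session above so the check runs offline.

```python
import ftplib

class ConstructedFTP:
    """Offline stand-in for ftplib.FTP (constructed): replays the listing above."""
    TREE = {
        "/": ["dr-xr-xr-x    2 ftp      ftp          4096 Oct 22 12:49 pub"],
        "/pub": [
            "-r--r--r--    1 ftp      ftp            77 Oct 22 12:32 note.txt",
            "-r--r--r--    1 ftp      ftp          5155 Oct 22 12:49 warzone-encrypt.jar",
        ],
    }
    def __init__(self):
        self.path = "/"
    def login(self, user="", passwd=""):
        return "230 Login successful."
    def cwd(self, path):
        if path not in self.TREE:
            raise ftplib.error_perm("550 Failed to change directory.")
        self.path = path
    def retrlines(self, cmd, callback):
        for line in self.TREE[self.path]:
            callback(line)

def audit_anonymous_ftp(ftp, root="/", max_depth=3):
    """Return [(path, size)] of world-readable files an anonymous session can
    list, or None when the server refuses anonymous login."""
    try:
        ftp.login("anonymous", "audit@example.invalid")
    except ftplib.error_perm:
        return None
    exposed = []
    def walk(path, depth):
        ftp.cwd(path)
        lines = []
        ftp.retrlines("LIST", lines.append)
        for line in lines:
            fields = line.split(None, 8)  # Unix-style listing: 9 columns
            if len(fields) < 9:
                continue
            mode, size, name = fields[0], fields[4], fields[8]
            child = path.rstrip("/") + "/" + name
            if mode.startswith("d"):
                if depth < max_depth and name not in (".", ".."):
                    walk(child, depth + 1)
            elif mode[7:8] == "r":  # "other" read bit set
                exposed.append((child, int(size)))
    walk(root, 0)
    return exposed
```

Against a server you administer, pass `ftplib.FTP(host)` instead of the stand-in. With `anonymous_enable=NO` in vsftpd.conf the login is refused and the function returns `None`.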