摘要: 1 信息收集 先扫端口,只开了80 {"ip":"192.168.68.210","port":80,"service":"http","Banner":"","url":"http://192.168.68.210:80"} {"url":"http://192.168.68.210:80","S 阅读全文
posted @ 2022-04-23 16:42 R3col 阅读(338) 评论(0) 推荐(0) 编辑
摘要: 1 信息收集 惯例先扫端口 {"ip":"192.168.68.168","port":22,"service":"ssh","Banner":"SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u1\\x0a","url":""} {"ip":"192.168.68.168" 阅读全文
posted @ 2022-04-23 00:21 R3col 阅读(156) 评论(0) 推荐(0) 编辑
摘要: 1 信息收集 惯例先找下靶机在哪,再扫一下全端口 开了http和ssh,linux(debian) + apache {"ip":"192.168.68.228","port":80,"service":"http","Banner":"","url":"http://192.168.68.228: 阅读全文
posted @ 2022-04-20 16:22 R3col 阅读(142) 评论(0) 推荐(0) 编辑
摘要: 1 端口扫描 找到靶机ip,扫描端口,发现仅开放了ssh和web,是debian + apache wordpress {"ip":"192.168.68.75","port":22,"service":"ssh","Banner":"SSH-2.0-OpenSSH_7.4p1 Debian-10+ 阅读全文
posted @ 2022-04-19 15:36 R3col 阅读(71) 评论(0) 推荐(0) 编辑
摘要: 1 信息收集 先找存活主机,确定ip后再扫全端口,开启了nfs和http服务 {"ip":"192.168.68.90","port":110,"service":"","Banner":"","url":""} {"ip":"192.168.68.90","port":80,"service":" 阅读全文
posted @ 2022-04-18 18:55 R3col 阅读(129) 评论(0) 推荐(0) 编辑
摘要: 1 信息收集 scaninfo扫一下,只有ssh和web俩服务 {"ip":"192.168.68.133","port":22,"service":"ssh","Banner":"SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u6\\x0a","url":""} {"ip 阅读全文
posted @ 2022-04-18 10:40 R3col 阅读(74) 评论(0) 推荐(0) 编辑
摘要: 1 信息收集 scaninfo扫一下 {"ip":"192.168.1.111","port":80,"service":"http","Banner":"","url":"http://192.168.1.111:80"} {"url":"http://192.168.1.111:80","Sta 阅读全文
posted @ 2022-04-05 16:47 R3col 阅读(190) 评论(0) 推荐(0) 编辑
摘要: 1 信息收集 开放了80(web-wordpress)和7744(ssh),系统为linux {"ip":"192.168.1.109","port":7744,"service":"ssh","Banner":"SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u7\\x0d\ 阅读全文
posted @ 2022-04-04 20:34 R3col 阅读(58) 评论(0) 推荐(0) 编辑
摘要: 1 信息收集 用scaninfo扫一下端口和服务 {"ip":"192.168.1.108","port":22,"service":"ssh","Banner":"SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u7\\x0d\\x0a","url":""} {"ip":"1 阅读全文
posted @ 2022-04-03 15:58 R3col 阅读(82) 评论(0) 推荐(0) 编辑
摘要: 0 简介 在特定限制条件下,Django的order_by方法会导致SQL注入 影响版本:3.1.x < 3.1.13, 3.2.x < 3.2.5 条件: Debug=True 接口使用order_by方法 复现/分析环境: python 3.8.1 Django 3.2.4 MySQL 5.7. 阅读全文
posted @ 2022-04-02 21:55 R3col 阅读(682) 评论(0) 推荐(0) 编辑