THM-Vulnerability Capstone
首先收集信息,获取版本号
What is the name of the application running on the vulnerable machine?
Fuel CMS
What is the version number of this application?
1.4
What is the number of the CVE that allows an attacker to remotely execute code on this application?
上DB去搜索对应CVE
CVE-2018-16763
nmap扫描
nmap -sS -vv 10.10.143.78 --min-rate 10000 -Pn
得知ssh端口开放
首先端口监听
使用脚本进去反弹shell出来
获取flag