THM-Vulnerability Capstone

首先收集信息,获取版本号

What is the name of the application running on the vulnerable machine?

image-20241012210552412

Fuel CMS

What is the version number of this application?

1.4

What is the number of the CVE that allows an attacker to remotely execute code on this application?

上DB去搜索对应CVE

image-20241012210705831

image-20241012210820751

CVE-2018-16763

nmap扫描

nmap -sS -vv 10.10.143.78 --min-rate 10000 -Pn 

image-20241012210946849

得知ssh端口开放

首先端口监听

image-20241012211111604

使用脚本进去反弹shell出来

image-20241012211100073

获取flag

image-20241012211132239

posted @ 2024-10-17 20:38  kelec0ka  阅读(6)  评论(0编辑  收藏  举报