➜ ~ nmap -sC -sV 10.10.10.146
Starting Nmap 7.91 ( https://nmap.org ) at 2021-01-30 01:56 EST
Warning: 10.10.10.146 giving up on port because retransmission cap hit (10).
Nmap scan report for 10.10.10.146
Host is up (0.070s latency).
Not shown: 995 closed ports
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh-hostkey:
|   2048 22:75:d7:a7:4f:81:a7:af:52:66:e5:27:44:b1:01:5b (RSA)
|   256 2d:63:28:fc:a2:99:c7:d4:35:b9:45:9a:4b:38:f9:c8 (ECDSA)
|_  256 73:cd:a0:5b:84:10:7d:a7:1c:7c:61:1d:f5:54:cf:c4 (ED25519)
80/tcp open  http    Apache httpd 2.4.6 ((CentOS) PHP/5.4.16)
|_http-server-header: Apache/2.4.6 (CentOS) PHP/5.4.16
|_http-title: Site doesn't have a title (text/html; charset=UTF-8).
80
Port 80 serves nothing but a block of text:
Directory scan
A simple directory scan finds backup and uploads:
gobuster dir -u http://10.10.10.146/ -w /usr/share/seclists/Discovery/Web-Content/common.txt -t 50
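# Excerpt: $regexp is set earlier in the script, outside this excerpt.
for var in NAME PROXY_METHOD BROWSER_ONLY BOOTPROTO; do
    echo "interface $var:"
    read x
    # Re-prompt until the input matches $regexp
    while [[ ! $x =~ $regexp ]]; do
        echo "wrong input, try again"
        echo "interface $var:"
        read x
    done
    # Append the accepted value to the interface config file
    echo $var=$x >> /etc/sysconfig/network-scripts/ifcfg-guly
done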