当前位置:网站首页>遠程代碼執行滲透測試——B模塊測試
遠程代碼執行滲透測試——B模塊測試
2022-07-06 17:36:00 【山東網安菜雞】
有環境,有題,要的私信我!
任務環境說明:
服務器場景:Server2128(開放鏈接)
服務器場景操作系統:Windows
用戶名:administrator,密碼:[email protected]
1、找出靶機桌面上文件夾1中的文件RCEBackdoor.zip,使用靜態反編譯工具IDA對該壓縮包中的程序進行分析,根據提示來分析目標文件,將包含惡意代碼基址偏移的範圍作為Flag值提交(提交形式:0x1000XXXX-0x1000XXXX);
2、繼續分析反匯編後代碼,找出在惡意代碼中的關鍵函數,將用於字符串拼接的函數名稱作為Flag值提交;(提交形式:echo())
边栏推荐
- 数据仓库建模使用的模型以及分层介绍
- vscode
- Interpretation of Flink source code (II): Interpretation of jobgraph source code
- [reverse] repair IAT and close ASLR after shelling
- Interpretation of Flink source code (III): Interpretation of executiongraph source code
- Based on infragistics Document. Excel export table class
- Flink parsing (III): memory management
- The solution to the left-right sliding conflict caused by nesting Baidu MapView in the fragment of viewpager
- 07 personal R & D products and promotion - human resources information management system
- CentOS7上Redis安装
猜你喜欢
Flink 解析(四):恢复机制
C# WinForm系列-Button简单使用
04个人研发的产品及推广-数据推送工具
Case: check the empty field [annotation + reflection + custom exception]
Final review of information and network security (based on the key points given by the teacher)
05个人研发的产品及推广-数据同步工具
【Elastic】Elastic缺少xpack无法创建模板 unknown setting index.lifecycle.name index.lifecycle.rollover_alias
The most complete tcpdump and Wireshark packet capturing practice in the whole network
网络分层概念及基本知识
EasyRE WriteUp
随机推荐
05 personal R & D products and promotion - data synchronization tool
TCP connection is more than communicating with TCP protocol
Final review of information and network security (based on the key points given by the teacher)
JVM garbage collection overview
mysql的合计/统计函数
基于Infragistics.Document.Excel导出表格的类
Xin'an Second Edition; Chapter 11 learning notes on the principle and application of network physical isolation technology
List set data removal (list.sublist.clear)
沉淀下来的数据库操作类-C#版(SQL Server)
【MMdetection】一文解决安装问题
SQL tuning notes
The most complete tcpdump and Wireshark packet capturing practice in the whole network
MySQL advanced (index, view, stored procedure, function, password modification)
Xin'an Second Edition: Chapter 25 mobile application security requirements analysis and security protection engineering learning notes
Automatic operation and maintenance sharp weapon ansible Playbook
The problem of "syntax error" when uipath executes insert statement is solved
04 products and promotion developed by individuals - data push tool
当前系统缺少NTFS格式转换器(convert.exe)
Some feelings of brushing leetcode 300+ questions
Flink parsing (V): state and state backend