当前位置:网站首页>HTB-Shocker
HTB-Shocker
2022-08-01 14:04:00 【How good is always late at night.】
Information Collection
- ssh
- http
There is very little information collected, the directory should be scanned for additional extensions, dirbuster only has the php extension by default.
Take a look at user.txt, I found that I don't seem to understand it.
Go search to see what is the relationship between the twoWhat conditions do these two meet?
I got something and found Shellshock
Power On
Elevation of Privilege
How to create a /bin/bash session through perl, I found the parameter for one-time code execution by searching -e
Also searched for perl commands to execute system commands
No accident exec also works
边栏推荐
猜你喜欢
随机推荐
牛客刷SQL--7
Qt实战案例(56)——利用QProcess实现应用程序重启功能
iPhone难卖,被欧洲反垄断的服务业务也难赚钱了,苹果的日子艰难
2022-07-29 网工进阶(二十二)BGP-其他特性(路由过滤、团体属性、认证、AS欺骗、对等体组、子路由器、路由最大接收数量)
直播系统聊天技术(八):vivo直播系统中IM消息模块的架构实践
珠海首个水环境安全监测系统上线
Gradle series - Gradle tests, Gradle life cycle, settings.gradle description, Gradle tasks (based on Groovy documentation 4.0.4) day2-3
kubernetes之DaemonSet以及滚动更新
免费使用高性能的GPU和TPU—谷歌Colab使用教程
Longkou united chemical registration: through 550 million revenue xiu-mei li control 92.5% stake
求方阵的无穷范数「建议收藏」
CCS软件安装教程(超级详细)「建议收藏」
pd groupby后列变索引以及聚合列无列名的问题
VIP的实现原理
【每日一题】1331. 数组序号转换
PAT 1163 Dijkstra Sequence(30)
Multithreading Case - Timer
Koreographer Professional Edition丨一款Unity音游插件教程
性能优化——资源优化笔记
2022-07-25 网工进阶(二十一)BGP-路由反射器、联盟、聚合