主机:192.168.32.152 靶机:192.168.32.160 首先nmap扫描端口: ftp,ssh,http服务 dirb扫描目录,flag下有一个flag password目录下,查看源码看到一个密码,winter robots目录下有些敏感文件 访问敏感目录,发现这里可能存在命令执行漏洞 http9090端口下也有一个flag 再用nmap -p- -T4 探测下有没有更多的大端口 nc 这两个大端口,两个flag 60000端口直接返回了root权限?,然后直接catf lag

copy : https://baike.baidu.com/item/ctf/9548546?fr=aladdin CTF(Capture The Flag)中文一般译作夺旗赛,在网络安全领域中指的是网络安全技术人员之间进行技术竞技的一种比赛形式.CTF起源于1996年DEFCON全球黑客大会,以代替之前黑客们通过互相发起真实攻击进行技术比拼的方式.发展至今,已经成为全球范围网络安全圈流行的竞赛形式,2013年全球举办了超过五十场国际性CTF赛事.而DEFCON作为CTF赛制的发源地,DEFC

CTF(Capture The Flag) 简单介绍 CTF(Capture The Flag)中文一般译作夺旗赛,在网络安全领域中指的是网络安全技术人员之间进行技术竞技的一种比赛形式. `In computer security, Capture the Flag (CTF), a type of cryptosport, is a computer security competition. CTF contests are usually designed to serve as an e

http://acm.zju.edu.cn/onlinejudge/showContestProblem.do?problemId=5503 The 12th Zhejiang Provincial Collegiate Programming Contest - K Capture the Flag Time Limit: 2 Seconds      Memory Limit: 65536 KB      Special Judge In computer security, Capture

Capture the Flag Time Limit: 2 Seconds Memory Limit: 65536 KB Special Judge In computer security, Capture the Flag (CTF) is a computer security competition. CTF contests are usually designed to serve as an educational exercise to give participants ex

Capture the Flag Time Limit: 2 Seconds      Memory Limit: 65536 KB      Special Judge In computer security, Capture the Flag (CTF) is a computer security competition. CTF contests are usually designed to serve as an educational exercise to give parti

In computer security, Capture the Flag (CTF) is a computer security competition. CTF contests are usually designed to serve as an educational exercise to give participants experience in securing a machine, as well as conducting and reacting to the so

攻防练习1 ssh私钥泄露 靶场镜像:链接: https://pan.baidu.com/s/1xfKILyIzELi_ZgUw4aXT7w 提取码: 59g0 首先安装打开靶场机 没办法登录,也没法获取ip地址,怎么办呢? 打开kali 进入控制台使用netdiscover命令 netdiscover -r ip/子网掩码 命令来探测靶机 netdiscover -r 192.168.32.152/24 扫描开放的端口 我们可以看到靶场开放的端口和对应的服务,此靶场机器上开启了ssh服务和两个

参考链接:https://ctftime.org/task/6264 题目 It's a media PC! All fully purchased through the online subscription revolution empire "GimmeDa$". The PC has a remote control service running that looks like it'll cause all kinds of problems or that was wr

easy_RSA 首先如果你没有密码学基础是得去恶补一下的 然后步骤是先算出欧拉函数 之后提交注意是cyberpeace{********}这样的 ,博主以为是flag{}耽误了很长时间  明明没算错呀  hhhh  不仅仅是Morse 一看首先肯定要用morse解码 解密morse密码工具https://tool.lu/morse/ 你看提示maybe have 什么什么什么 就知道还要再解码 再看后面的很像培根密码 解密培根密码工具https://tool.bugku.com/peigen/