Fearnot - HackMD

HMVLabs-Venus Writeup
話說這個flag長得特別屌開始挑戰用 ssh 連線 ssh -p 5000 hacker@venus.hackmyvm.eu Host: venus.hackmyvm.eu Port: 5000 User: hacker Pass: havefun!
Fearnot changed 10 days agoView mode Like Bookmark
PG-InfosecPrep
Step.1 掃描先用 nmap 掃描一下 nmap -T4 192.168.111.89 PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 5902/tcp filtered vnc-2 看到 robots.txt 有個路徑
 Fearnot changed 6 months agoView mode Like Bookmark
PG設定教學
先來註冊 https://portal.offsec.com/sign-up/pg :::warning 記得要去信箱確認 ::: 在信件中按下確認按鈕後，直接按下continue就好， ![img1](https://hackmd.io/_uploads/SJc3eBYCC.png =600x) 這邊其實隨便填就好 ![img2](https://hackmd.io/_uploads/ryVrZrYCA.png =250x) 看你要不要接收通知
 Fearnot changed 6 months agoView mode Like Bookmark
Lab使用手冊
這張是首頁 Offsec Proving Grounds PG設定教學 WriteupPG-FunboxRookie PG-FunboxEasy PG-SunsetNoontide PG-DC-1 PG-InfosecPrep PG-Potato
Fearnot changed 7 months agoBook mode Like Bookmark
虛擬機架設說明
載點 Windows載這個Ubuntu 22.04 AMD iso Mac載這個Ubuntu 22.04 ARM iso VMware載點裡面有Windows和Mac的 zip 檔裡面東西是一樣的只是有壓縮過而已 Step.1 打開VT VT(Virtualization Technology)虛擬化技術 mac 應該可以跳過這步驟
 Fearnot changed 7 months agoView mode Like Bookmark
PG-DC-1
Step.1 掃描先用nmap掃描 nmap -T4 192.168.111.193 PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind Step.2 Exploit 發現網頁是Drupal Site，嘗試使用metasploit注入漏洞
 Fearnot changed 7 months agoView mode Like Bookmark
PG-FunboxRookie
Step.1 掃描 nmap -T4 192.168.223.107 若遇到以下情形可以試著「降速」T5 --> T4 Warning: 192.168.223.107 giving up on port because retransmission cap hit (2). 掃描後發現有以下的服務 PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh
Fearnot changed 7 months agoView mode Like Bookmark
PG-SunsetNoontide
Step.1 掃描一樣先namp掃描 nmap -sV -T5 192.168.195.120 找到一個開啟的 port 6667 執行的服務是irc版本為UnrealIRCd 6667/tcp open irc UnrealIRCd 接著根據這個版本掃描對應漏洞 nmap --script "irc-unrealircd-backdoor" -p 6667 192.168.195.120
Fearnot changed 7 months agoView mode Like Bookmark
PG-FunboxEasy
Step.1 掃描第一步都先nmap一下 nmap -T5 192.168.144.111 ![1-1](https://hackmd.io/_uploads/HyWd2DFCC.png =500x) 可以發現到80port是網頁服務，用firefox打開看一下 ![1-2](https://hackmd.io/_uploads/HkeTo6PtC0.png =500x) Step.2 爆破沒什麼特別的，用dirsearch爆破一下
 Fearnot changed 7 months agoView mode Like Bookmark
HMV-OSINT
OSINT-003 題目給了這張圖片，直接用Google Lens搜尋就可以找到答案了 ![003](https://hackmd.io/_uploads/ByBR6I60A.jpg =400x) ||hmv{GataCattana}|| OSINT-006 題目敘述如下：
Fearnot changed 7 months agoView mode Like Bookmark