Nest Sweets NTFSファイルシステムにはADSがある Procedure nmap PORT STATE SERVICE VERSION 445/tcp open microsoft-ds? 4386/tcp open unknown | fingerprint-strings: | DNSStatusRequestTCP, DNSVersionBindReqTCP, Kerberos, LANDesk-RC, LDAPBindReq,…

no crypto 150point Description there's crypto in here but the challenge is not crypto... 🤔 no crypto Solution run binary ./not-crypto I heard you wanted to bargain for a flag... whatcha got? aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa…

Haircut Sweets OWASPのdirbusterのリストは優秀 webサーバで使用されているコマンドや構造を把握することが大事 Procedure portscan PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0) | ssh-host…

Resolute tags: HTB Medium Procedure User Flag nmap PORT STATE SERVICE VERSION 53/tcp open domain Microsoft DNS 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2020-05-09 01:19:47Z) 135/tcp open msrpc Microsoft Windows RPC…

shocker tags: HTB Easy Procedure enumeration nmap scan PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) |_http-server-header: Apache/2.4.18 (Ubuntu) |_http-title: Site doesn't have a title (text/html). 2222/tcp op…

Conclusion ミドルウェアのバージョンを調べる事は大事 古いミドルウェアにはエクスプロイトがよくある Procedure nmap PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 2.3.4 |_ftp-anon: Anonymous FTP login allowed (FTP code 230) | ftp-syst: | ST…

Conclusion 古いミドルウェアは使わない Procedure nmap PORT STATE SERVICE VERSION 80/tcp open http HttpFileServer httpd 2.3 |_http-server-header: HFS 2.3 |_http-title: HFS / 80/tcpにブラウザでアクセスする nmapの情報通りHttpFileServer 2.3が動…