Posts for: #Lfi

HTB: Poison

#htb  #medium  #freebsd  #lfi  #vnc  #ssh-tunneling  #base64 
ターゲット // Poison
PlatformHTB
OSFreeBSD
DifficultyMedium
IP10.129.1.254

Enumeration

Nmap

▶ Nmap output
PORT   STATE SERVICE VERSION
22/tcp open  ssh     OpenSSH 7.2 (FreeBSD 20161230; protocol 2.0)
80/tcp open  http    Apache httpd 2.4.29 ((FreeBSD) PHP/5.6.32)

OS: FreeBSD

[]

PG: Slort

#offsec  #proving-grounds  #medium  #windows  #lfi  #rfi  #php-wrapper  #scheduled-task  #xampp 
ターゲット // Slort
PlatformOffSec Proving Grounds
OSWindows
DifficultyMedium
IP192.168.105.53

Enumeration

Nmap

▶ Nmap output
PORT     STATE SERVICE VERSION
21/tcp   open  ftp     FileZilla ftpd 0.9.41 beta
135/tcp  open  msrpc   Microsoft Windows RPC
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
3306/tcp open  mysql   MariaDB (host not allowed)
4443/tcp open  http    Apache httpd 2.4.43 (XAMPP)
8080/tcp open  http    Apache httpd 2.4.43 (XAMPP)

Windows box running XAMPP on two ports. FTP requires credentials, MySQL is localhost-only.

[]