Appointment

Environment setup

  1. Operating system: Kali Linux or Windows
  2. Tools: nmap, gobuster

nmap [Kali official site]

Manual: https://www.kali.org/tools/nmap/
Summary:
Nmap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques, version detection (determine service protocols and application versions listening behind ports), and TCP/IP fingerprinting (remote host OS or device identification). Nmap also offers flexible target and port specification, decoy/stealth scanning, sunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and commandline modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ.

gobuster [Kali official site]

Manual: https://www.kali.org/tools/gobuster/
Summary:
Gobuster is a tool used to brute-force URIs including directories and files as well as DNS subdomains.

# gobuster dir -u http://10.129.202.36 -w /usr/share/wordlists/dirbuster/directory-list-2.3-small.txt

Tasks

TASK1

What does the acronym SQL stand for?

key:Structured Query Language

TASK2

What is one of the most common types of SQL vulnerabilities?

key:SQL injection

TASK3

What is the 2021 OWASP Top 10 classification for this vulnerability?

key:A03:2021-Injection

TASK4

What does Nmap report as the service and version that are running on port 80 of the target?

┌──(root㉿kali)-[/home/martin/桌面]
└─# nmap -p 80 -sV 10.129.202.36
Starting Nmap 7.92 ( https://nmap.org ) at 2023-09-20 11:03 CST
Nmap scan report for 10.129.202.36
Host is up (0.34s latency).

PORT   STATE SERVICE VERSION
80/tcp open  http    Apache httpd 2.4.38 ((Debian))

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.98 seconds

key:Apache httpd 2.4.38 ((Debian))

TASK5

What is the standard port used for the HTTPS protocol?

key:443

TASK6

What is a folder called in web-application terminology?

key:directory

TASK7

What HTTP response code is given for ‘Not Found’ errors?

key:404

TASK8

Gobuster is one tool used to brute force directories on a webserver. What switch do we use with Gobuster to specify we’re looking to discover directories, and not subdomains?

key:dir

TASK9

What single character can be used to comment out the rest of a line in MySQL?

key:#

TASK10

If user input is not handled carefully, it could be interpreted as a comment. Use a comment to login as admin without knowing the password. What is the first word on the webpage returned?

username:admin'#
password:1 (any value works)

key:Congratulations
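
Why the comment character in TASK9 bypasses the password check in TASK10, and how a parameterized query prevents it. This is an added example, not code from the original write-up or from the target application. The query shape, the `users` table, and all function names are assumptions; SQLite stands in for the database in the hardened half, and because SQLite does not treat `#` as a comment, a small helper mimics MySQL's handling of it.

```python
import sqlite3

def build_login_query(username, password):
    # Vulnerable pattern (assumed query shape): input pasted into the SQL text.
    return ("SELECT * FROM users WHERE username='" + username +
            "' AND password='" + password + "'")

def strip_mysql_hash_comment(sql):
    """Return what MySQL parses from a one-line statement: everything
    before the first '#' that sits outside a single-quoted string."""
    in_quote, i = False, 0
    while i < len(sql):
        ch = sql[i]
        if in_quote:
            if ch == "\\" or (ch == "'" and sql[i + 1:i + 2] == "'"):
                i += 2  # escaped character or doubled quote stays in the string
                continue
            if ch == "'":
                in_quote = False
        elif ch == "'":
            in_quote = True
        elif ch == "#":
            return sql[:i].rstrip()
        i += 1
    return sql

def make_db():
    # Constructed sample data; plaintext password only to keep the demo short.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'constructed-secret')")
    return conn

def safe_login(conn, username, password):
    # Hardened form: placeholders keep the input as data, never as SQL syntax.
    row = conn.execute(
        "SELECT 1 FROM users WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row is not None

if __name__ == "__main__":
    query = build_login_query("admin'#", "1")
    print("sent to server :", query)
    print("parsed by MySQL:", strip_mysql_hash_comment(query))
    print("parameterized  :", safe_login(make_db(), "admin'#", "1"))
```

With concatenation, the quote in the username closes the string early and `#` discards the password clause; with placeholders the same input is just an unknown username and the login fails.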

Flag

key:e3d0796d002a446c0e622226f42e9672
