代码收藏家 [渗透测试学习] Editorial-HackTheBox
文章目录
Editorial-HackTheBox
信息搜集
nmap扫描端口
nmap -sV -sC -v 10.10.11.20
扫描结果如下
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.9p1 Ubuntu 3ubuntu0.7 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 256 0d:ed:b2:9c:e2:53:fb:d4:c8:c1:19:6e:75:80:d8:64 (ECDSA)
|_ 256 0f:b9:a7:51:0e:00:d5:7b:5b:7c:5f:bf:2b:ed:53:a0 (ED25519)
80/tcp open http nginx 1.18.0 (Ubuntu)
| http-methods:
|_ Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: nginx/1.18.0 (Ubuntu)
|_http-title: Did not follow redirect to http://editorial.htb
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
发现重定向http://editorial.htb,添加域名到/etc/hosts
访问80端口,类似于阅读书籍的网站
ffuf扫描不存在子域名&#
作者:_rev1ve
