留言板

评论

  1. n
    nunyabizness
    Windows Chrome
    前天 1:21
    2025-1-20 9:21:38

    How did you know you had to use evil-winrm tool since ports 5985,5986 were not even open?

    • h
      博主
      nunyabizness
      Windows Edge
      前天 1:50
      2025-1-20 9:50:19

      i had checked these ports before using evil-winrm. You can use Nmap -p 5985 to check them.

  2. m
    mdh
    Windows Chrome
    4 天前
    2025-1-17 10:34:33

    请问在 HTB-EscapeTwo 这篇帖子中 rose / KxEPkKe6R8su 密码组合是怎么得到的?我尝试过爆破、弱口令,但是效果不好

    • h
      博主
      mdh
      Windows Edge
      4 天前
      2025-1-17 12:15:03

      这是机器默认给的信息,在开机那里仔细看看

      • n
        nunyabizness
        hyh
        Windows Chrome
        前天 1:35
        2025-1-20 9:35:30

        how did you know you had to use evil-winrm when the ports 5985 and 5986 were closed?

  3. h
    博主
    Windows Edge
    已编辑
    5 天前
    2025-1-16 12:24:51

    这几天在屯文章,后面会一并发表。。。都是关于 Windows AD 域的

    • n
      nunyabizness
      hyh
      Windows Chrome
      5 天前
      2025-1-17 7:48:45

      love your site and things in it, thank you!!!

  4. CyberBrains
    Windows Chrome
    6 天前
    2025-1-15 21:44:44

    Hello HYH,
    When doing the HTB-LinkVortex machine, the file ‘ghost/core/test/regression/api/admin
    /authentication.test.js’ no longer has the password ‘OctopiFociPilfer45’ as in your writeup. Any further ideas?

    • h
      博主
      CyberBrains
      Windows Edge
      6 天前
      2025-1-15 22:42:04

      Are you sure? I checked git-dumper results just right now, and the password still in there……
      I think the way to get password hasn’t changed yet, maybe somewhere you did wrong
      my terminal below👇
      [root@kali] /home/kali/LinkVortex/gg/ghost/core/test/regression/api/admin (v5.58.0) ⚡
      ❯ cat authentication.test.js| grep ‘pass’
      const password = ‘OctopiFociPilfer45’;
      password,
      await agent.loginAs(email, password);
      password: ‘thisissupersafe’,
      password: ‘thisissupersafe’,

  5. Ki2is
    Windows Chrome
    8 天前
    2025-1-14 2:29:43

    Hi hyh, I’ve tried the GET /export/../../../../../var/www/backupapp.zip HTTP/1.1
    Terminal command at yummy machine, but it did not work. It responds with an 403 Error
    What’s the matter??

    • h
      博主
      Ki2is
      Windows Edge
      8 天前
      2025-1-14 9:13:00

      403 may be your session is out of date.Try to register another user? I didnt catch any 403, only 500 when I repeat the request a few times.These request should be sent only once,then you have to intercept a new one.

发送评论 编辑评论


				
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠( ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌皿ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ °Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
颜文字
Emoji
小恐龙
花!
加载失败