banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。
HomeArchives图文

靶场

cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

春秋云镜 仿真靶场-time记录

Time是一套难度为中等的靶场环境,完成该挑战可以帮助玩家了解内网渗透中的代理转发、内网扫描、信息收集、特权提升以及横向移动技术方法,加强对域环境核心认证机制的理解,以及掌握域环境渗透中一些有趣的技术要点。
春秋云镜
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

春秋云镜靶场--Certify记录

Certify是一套难度为中等的靶场环境,完成该挑战可以帮助玩家了解内网渗透中的代理转发、内网扫描、信息收集、特权提升以及横向移动技术方法,加强对域环境核心认证机制的理解,以及掌握域环境渗透中一些有趣的技术要点。该靶场共有4个flag,分布于不同的靶机。
渗透测试
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

game of active directory(GOAD) part 1 侦查和扫描

前言 最近家里的电脑有时间打开了,就开始做下 GOAD 靶场实验,GOAD 靶场的 writeup 先根据作者的流程走,后期学完可以做些自我理解及补充。 环境搭建参考之前的博客:https://lca.xlog.app/game-of-active-directoryGOAD…
渗透测试
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

ATT&CK红队评估实战靶场-1

靶场来自:http://vulnstack.qiyuanxuetang.net/vuln/detail/2/ 简单的一个靶场,本来用作学生的考核的,但是没用到,横向的域渗透也只是用了 cobalt strike 上的 psexec 模块,主要的内容是熟悉一些渗透的流程。 靶场有…
靶场
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

game of active directory(GOAD)域环境搭建

Game Of Active directory的第二个版本,项目地址:https://github.com/Orange-Cyberdefense/GOAD 域靶场环境通过 vagrang 安装 5 个 windows 实例(三个 DC,两个普通域内主机),拓朴图如下: 官…
渗透测试
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

hackthebox靶场 Backdoor 过程记录

靶机 ip:10.10.11.125。 本机 ip:10.10.16.21,mac m1。 fscan 端口扫描只发现了 22、80 端口,nmap 扫描下,还发现一个 1337 端口,不确定这个端口是什么作用的。 Copy nmap -sS -A -sC -sV -p- -…
htb
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

hackthebox靶场 meta 过程记录

靶机 ip:10.10.11.140。 本机 ip:10.10.16.6,mac m1。 端口扫描只开放了 22、80 端口。 访问 10.10.11.140 的 80 端口,直接跳转到http://artcorp.htb/,但此时无法访问,设置 hosts 看看…
靶场
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

lpeworkshop提权实验 - windows

实验环境项目地址: https://github.com/sagishahar-zz/lpeworkshop windows 实验的前提,需要先自己准备一个 Windows 7 (SP1) x64 Build 7601 的英文操作系统,原作者所有的实验都基于此操作系统。 1…
内网渗透
cover
cover
cover
cover
cover

mac hackthebox vpn

HackTheBox 是一个在线的渗透测试训练平台,提供各种场景、实验和虚拟机,用于学习和练习渗透测试和网络安全知识。 HackTheBox 汇集了各种难度级别的场景和虚拟机,包括多种类型的网络设备、操作系统和应用程序。 访问 hackthebox,需要连接 vpn,vpn…
htb
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover
cover

htb靶场-Shoppy

ip:10.10.11.180 端口开放情况 利用nmap进行端口扫描 Copy nmap -sS -A -sC -sV -p- --min-rate 5000 10.10.11.180 发现的端口:22,80,9093 80 跳转到http://shoppy.htb 修改…
htb
Ownership of this blog data is guaranteed by blockchain and smart contracts to the creator alone.