Animetronic
备注
[Linux VM] [Tested on VirtualBox] created by || ziyos
⏲️ Release Date // 2023-12-11
✔️ MD5 // 30b3135e2016d3ae1b0d1c086a714ae9
☠ Root // 27
💀 User // 26
📝Notes // The server administrator assigned you to hack this server .So don't disappoint him.This server is easy , just do not give up.
靶机启动
靶机地址:192.168.56.119
web 服务探测
页面为静态页面,无交互点
目录扫描:
┌─[randark@parrot]─[~]
└──╼ $feroxbuster -u http://192.168.56.119 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
___ ___ __ __ __ __ __ ___
|__ |__ |__) |__) | / ` / \ \_/ | | \ |__
| |___ | \ | \ | \__, \__/ / \ | |__/ |___
by Ben "epi" Risher 🤓 ver: 2.10.1
─── ────────────────────────┬──────────────────────
🎯 Target Url │ http://192.168.56.119
🚀 Threads │ 50
📖 Wordlist │ /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
👌 Status Codes │ All Status Codes!
💥 Timeout (secs) │ 7
🦡 User-Agent │ feroxbuster/2.10.1
🔎 Extract Links │ true
🏁 HTTP methods │ [GET]
🔃 Recursion Depth │ 4
───────────────────────────┴──────────────────────
🏁 Press [ENTER] to use the Scan Management Menu™
──────────────────────────────────────────────────
404 GET 9l 31w 276c Auto-filtering found 404-like response and created new filter; toggle off with --dont-filter
403 GET 9l 28w 279c Auto-filtering found 404-like response and created new filter; toggle off with --dont-filter
301 GET 9l 28w 314c http://192.168.56.119/img => http://192.168.56.119/img/
200 GET 52l 340w 24172c http://192.168.56.119/img/favicon.ico
301 GET 9l 28w 314c http://192.168.56.119/css => http://192.168.56.119/css/
200 GET 2761l 15370w 1300870c http://192.168.56.119/img/logo.png
301 GET 9l 28w 313c http://192.168.56.119/js => http://192.168.56.119/js/
200 GET 7l 1513w 144878c http://192.168.56.119/css/bootstrap.min.css
200 GET 42l 81w 781c http://192.168.56.119/css/animetronic.css
200 GET 52l 202w 2384c http://192.168.56.119/
301 GET 9l 28w 321c http://192.168.56.119/staffpages => http://192.168.56.119/staffpages/
200 GET 728l 3824w 287818c http://192.168.56.119/staffpages/new_employees
得到一条路径:http://192.168.56.119/staffpages/new_employees
,访问返回的是 JPEG 图像数据
将其下载到本地,进行隐写分析,在图片的评论中得到:
page for you michael : ya/HnXNzyZDGg8ed4oC+yZ9vybnigL7Jr8SxyZTJpcmQx53Xnwo=
解码,并进行上下翻转后,得到
leahcim_rof_egassem
根据信息,得到以下路径:/staffpages/message_for_michael
Hi Michael
Sorry for this complicated way of sending messages between us.
This is because I assigned a powerful hacker to try to hack
our server.
By the way, try changing your password because it is easy
to discover, as it is a mixture of your personal information
contained in this file
personal_info.txt