OSCP Learning Notes - Enumeration

Posted keepmoving1113

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了OSCP Learning Notes - Enumeration相关的知识,希望对你有一定的参考价值。

HTTP Enumeration

Target Host IP: 10.0.0.20

Brute Forcing using DirBuster

1. Start the dirbuster and set the options.

技术图片

Note:

  1. The wordlist can be found locally or downloaded from the Internet.   

    技术图片

   OR  Dirbuster-ng big wordlist dowload site:https://github.com/digination/dirbuster-ng/tree/master/wordlists

2. Progress in sacanning.

技术图片

 

3. Scan result tree. We may find some interesting things here.

技术图片

4.Open the test.php in browser, and review the source code.

技术图片

 

 Brute Forcing using nikto

1. Scan the target port 80(http).

nikto -h 10.0.0.20

技术图片

2. Scan the target port 443(https).

nikto -h 10.0.0.20:443

技术图片

 

以上是关于OSCP Learning Notes - Enumeration的主要内容,如果未能解决你的问题,请参考以下文章

OSCP Learning Notes - Buffer Overflows

OSCP Learning Notes - Exploit

OSCP Learning Notes - Enumeration

OSCP Learning Notes - Capstone

OSCP Learning Notes - Exploit

OSCP Learning Notes - Exploit