Rlogin漏洞 on 办公AI智能小助手 https://blog.qife122.com/tags/rlogin%E6%BC%8F%E6%B4%9E/ Recent content in Rlogin漏洞 on 办公AI智能小助手 Hugo zh-cn qife Wed, 10 Sep 2025 05:53:07 +0800 HTB Reset靶机渗透实战 - 从日志投毒到权限提升 https://blog.qife122.com/p/htb-reset%E9%9D%B6%E6%9C%BA%E6%B8%97%E9%80%8F%E5%AE%9E%E6%88%98-%E4%BB%8E%E6%97%A5%E5%BF%97%E6%8A%95%E6%AF%92%E5%88%B0%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87/ Wed, 10 Sep 2025 05:53:07 +0800 https://blog.qife122.com/p/htb-reset%E9%9D%B6%E6%9C%BA%E6%B8%97%E9%80%8F%E5%AE%9E%E6%88%98-%E4%BB%8E%E6%97%A5%E5%BF%97%E6%8A%95%E6%AF%92%E5%88%B0%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87/ <h1 id="htb-reset">HTB: Reset</h1> <h2 id="侦察">侦察</h2> <h3 id="初始扫描">初始扫描</h3> <p>Nmap发现五个开放TCP端口:SSH(22)、HTTP(80)以及512-514端口的未知服务:</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt"> 1 </span><span class="lnt"> 2 </span><span class="lnt"> 3 </span><span class="lnt"> 4 </span><span class="lnt"> 5 </span><span class="lnt"> 6 </span><span class="lnt"> 7 </span><span class="lnt"> 8 </span><span class="lnt"> 9 </span><span class="lnt">10 </span><span class="lnt">11 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">oxdf@hacky$ nmap -p- --min-rate <span class="m">10000</span> 10.129.234.130 </span></span><span class="line"><span class="cl">Starting Nmap 7.94SVN <span class="o">(</span> https://nmap.org <span class="o">)</span> at 2025-06-03 20:24 UTC </span></span><span class="line"><span class="cl">Nmap scan report <span class="k">for</span> 10.129.234.130 </span></span><span class="line"><span class="cl">Host is up <span class="o">(</span>0.092s latency<span class="o">)</span>. </span></span><span class="line"><span class="cl">Not shown: <span class="m">65530</span> closed tcp ports <span class="o">(</span>reset<span class="o">)</span> </span></span><span class="line"><span class="cl">PORT STATE SERVICE </span></span><span class="line"><span class="cl">22/tcp open ssh </span></span><span class="line"><span class="cl">80/tcp open http </span></span><span class="line"><span class="cl">512/tcp open <span class="nb">exec</span> </span></span><span class="line"><span class="cl">513/tcp open login </span></span><span class="line"><span class="cl">514/tcp open shell </span></span></code></pre></td></tr></table> </div> </div><p>基于OpenSSH和Apache版本,目标可能运行Ubuntu 22.04。TCP 512-514端口与Berkeley r命令相关。</p>