https://blog.qife122.com/tags/ssti%E6%94%BB%E5%87%BB/ Recent content in SSTI攻击 on 办公AI智能小助手 Hugo zh-cn qife Sun, 28 Sep 2025 03:39:21 +0800 https://blog.qife122.com/p/terrier-cyber-quest-2025-ctf%E5%AE%9E%E6%88%98%E8%A7%A3%E6%9E%90%E4%BB%8Essti%E6%BC%8F%E6%B4%9E%E5%88%B0root%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87/ Sun, 28 Sep 2025 03:39:21 +0800 https://blog.qife122.com/p/terrier-cyber-quest-2025-ctf%E5%AE%9E%E6%88%98%E8%A7%A3%E6%9E%90%E4%BB%8Essti%E6%BC%8F%E6%B4%9E%E5%88%B0root%E6%9D%83%E9%99%90%E6%8F%90%E5%8D%87/ <h1 id="terrier-cyber-quest-2025--简要解题记录">Terrier Cyber Quest 2025 — 简要解题记录</h1> <h2 id="初始访问">初始访问</h2> <p>运行nmap扫描：</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">sudo nmap -sC 192.168.57.24 -A -v -p- </span></span></code></pre></td></tr></table> </div> </div><p>在5000端口发现web服务器。</p> <p>使用ffuf进行目录模糊测试：</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">ffuf -w /usr/share/wordlists/dirbuster/directory-list-2.3-small.txt -u http://192.168.57.24:5000/FUZZ -fs <span class="m">3806</span> </span></span></code></pre></td></tr></table> </div> </div><p>发现页面后测试SSTI漏洞并确认存在。</p>