首先收集資訊,獲取版本號
What is the name of the application running on the vulnerable machine?
Fuel CMS
What is the version number of this application?
1.4
What is the number of the CVE that allows an attacker to remotely execute code on this application?
上DB去搜尋對應CVE
CVE-2018-16763
nmap掃描
nmap -sS -vv 10.10.143.78 --min-rate 10000 -Pn
得知ssh埠開放
首先埠監聽
使用指令碼進去反彈shell出來
獲取flag
