Defense
1. Back up the source code first
```bash
tar -zcvf backup.tar.gz /var/www/html
```

```bash
tar -zxvf backup.tar.gz
```
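```
# Change the target machine's password
passwd
# new password: fxznb666!

# Change the MySQL password
mysql -uroot -proot
update mysql.user set password=password('fxznb666!') where user='cms'; -- root must be changed too
flush privileges; -- reload the grant tables so the direct update takes effect
-- Check the result after the change
select host,user,password from mysql.user;
```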
Damn, the phpMyAdmin user password defaults to root. I only remembered this midway, and by the time I reacted it had already been changed.
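As an added example (not from the original post): a Python script that compares the live web root against the `backup.tar.gz` made above and lists files added, modified or deleted since the backup, a quick way to spot planted webshells during the match. The function names are hypothetical, and it assumes the archive was created with the `tar` command shown earlier, so member names are absolute paths without the leading `/`.

```python
import hashlib
import os
import tarfile


def backup_hashes(archive_path):
    """Map every file/symlink in the tar.gz backup to a SHA-256 fingerprint."""
    hashes = {}
    with tarfile.open(archive_path, "r:gz") as tar:
        for member in tar:
            name = member.name.lstrip("/")
            if member.isfile():
                data = tar.extractfile(member).read()
                hashes[name] = hashlib.sha256(data).hexdigest()
            elif member.issym():
                hashes[name] = "symlink:" + member.linkname
    return hashes


def live_hashes(web_root):
    """Same mapping for the live tree, keyed the way tar stores the names."""
    hashes = {}
    for dirpath, dirs, files in os.walk(web_root):
        for name in dirs + files:
            path = os.path.join(dirpath, name)
            key = os.path.abspath(path).lstrip("/")
            if os.path.islink(path):
                hashes[key] = "symlink:" + os.readlink(path)
            elif os.path.isfile(path):
                with open(path, "rb") as fh:
                    hashes[key] = hashlib.sha256(fh.read()).hexdigest()
    return hashes


def diff_against_backup(archive_path, web_root):
    """Return (added, modified, deleted) path lists relative to the backup."""
    old, new = backup_hashes(archive_path), live_hashes(web_root)
    added = sorted(p for p in new if p not in old)
    modified = sorted(p for p in new if p in old and new[p] != old[p])
    deleted = sorted(p for p in old if p not in new)
    return added, modified, deleted


if __name__ == "__main__":
    # Paths taken from the tar command in the post
    result = diff_against_backup("backup.tar.gz", "/var/www/html")
    for label, paths in zip(("ADDED", "MODIFIED", "DELETED"), result):
        for p in paths:
            print(label, "/" + p)
```

Anything reported as ADDED or MODIFIED can be restored from the same archive with the extract command above.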
Attack:
Scan the C segment
```python
import requests
from concurrent.futures import ThreadPoolExecutor


def get_ip(url):
    # Return the URL if the host answers with HTTP 200, otherwise None
    try:
        resp = requests.get(url, timeout=3)
    except requests.RequestException:
        return None
    return url if resp.status_code == 200 else None


# Candidate hosts in the competition's C segment
urls = ["http://192-168-1-" + str(i) + ".pvp6306.bugku.cn" for i in range(1, 255)]

# Write from the main thread only, and close the file when done
with ThreadPoolExecutor(max_workers=100) as executor, open("host.txt", "w") as f:
    for url in executor.map(get_ip, urls):
        if url:
            f.write(url + "\n")
            print(url)
```
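At first I saw other people's webshells and wanted to make use of them, but later the shells were all deleted by someone. D盾 (D-Shield) did not find any vulnerabilities anywhere.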