oscp考试,oscp

0x00前言这里总结oscp进行的练习，总结每个问题需要的内容和通过练习可以学到的东西。

0x01分类1越权Me and My Girlfriend 1 2 sql注入dc93 lfisunrisesymfonos :1 sym fonos :5 Nineveh : v 0.3 dc9 OS-hack nos-2.14 ssh爆破meandmygirlfish 5.1忽略PHP me and my girl friend15.2后缀literally vulnerable 5.3 wine sunrise 5.4 mysqlsymfonos :2 DC 9.5 dpkgsymfonos 33605.6 cc

5.8 python DC 9.9 make sunset : dusk6WP站literallyvulnerablesymfonos 33601 five 86-2 hacker fest :2019 OS-hack nos-2.1变量的权重terallyvulnerablesymfonos 336019 MySQL命令行操作sunrise 10发送mail提供权sym fonos 3360111 smtpsymfonos 33601 sym fonos 3360212 .的y sym fonos 3333332 360214.codeshellsymfonos :315.FTP快照包sym fonos :316.ldpsymfonos :517.chkrootkit宠物phpliteadminineveh :517 . 320.knockd敲门Nineveh : v 0.3 DC 921.opennetadminfive 86-122.mysq ive.docker供权sunset: dusk0x02详细总结1.me and my girl frorl 漏洞ssh爆破敏感文件suid php提供权试验点越权ssh爆破suid php提供权PS这台机器做了三次，第三次的时候，突然发现这台机器完全可以作为初学者的练习环境。

time:2020年2月3日18:07:43

2.LiterallyVulnerable必备知识点使用ftp匿名访问wpscan的wp getshell进行简单的反分析linux执行和与后缀无关的试验点ftp反访问wp后台getshelllinux变量的反访问感受一下吧。这台机器还有意义，没关系

3.sunrise必备知识点weborf任意文件读取机密文件fuzzmysql命令行操作wine授权试验点weborf任意文件读取wine授权ps这款机器已经是第二次了。 2020年2月4日，第二次做的时候还觉得很模糊。可能需要做三次

4.symfonos:1所需知识点samba利用enum4linux检测smbclient连接samba的任意文件读取，利用telent书写邮件变量的权利试验点samba利用变量的权利利用PS 老实说，确实是非正式的，难度很大，建议第三次独立进行

在第二次做的过程中，我发现笔记本还不牢固。

5.symfonos:2所需知识点samba利用ProFTPD 1.3.5文件复制漏洞john爆破端口，librenms授权mysql授权点samba、利用ProFTPD 1.3.5文件复制漏洞端口传输librenms许可证mysql许可证点6.symfonoonol shell快照提取权限tcpdump捕捉包python后门试验点shell快照四门7.symfonos:5必备知识点LFIldap连接访问dpkg抽取权测试点LFIldap连接访问dpkg抽取权8.DC9必备知识点sql注入lfildap K9.five 86-1必备知识点njohncopy许可证10.Five86-2所需的知识点wpscaninsertorembedarticulateintowordpresstrial漏洞tcpdumpwiwing权12 Nineveh: v0.3所需的知识点挖掘hkrootkit权利具体文档0x03 vulnhub总览主题链接文章链接meandmygirlfriend 1https://www.vuln hub.com/entry/me-and-my-girl friend-vuln

.com/entry/ua-literally-vulnerable,407/https://blog.csdn.net/qq_36869808/article/details/103966097sunrisehttps://www.vulnhub.com/entry/sunset-sunrise,406/https://blog.csdn.net/qq_36869808/article/details/103979545symfonos:1https://www.vulnhub.com/entry/symfonos-1,322https://blog.csdn.net/qq_36869808/article/details/103985053symfonos:2https://www.vulnhub.com/entry/symfonos-2,331/https://blog.csdn.net/qq_36869808/article/details/103993975symfonos:3https://www.vulnhub.com/entry/symfonos-3,332/https://blog.csdn.net/qq_36869808/article/details/104000583symfonos:4(未完成)https://www.vulnhub.com/entry/symfonos-4,347/https://blog.csdn.net/qq_36869808/article/details/104012164symfonos:5https://www.vulnhub.com/entry/symfonos-5,415/https://blog.csdn.net/qq_36869808/article/details/104081076Five86-1https://www.vulnhub.com/entry/five86-1,417/https://blog.csdn.net/qq_36869808/article/details/104024583five86: 2https://www.vulnhub.com/entry/five86-2,418/https://blog.csdn.net/qq_36869808/article/details/104041854DC9https://www.vulnhub.com/entry/dc-9,412/https://blog.csdn.net/qq_36869808/article/details/104078799Nineveh: v0.3https://www.vulnhub.com/entry/nineveh-v03,222/https://blog.csdn.net/qq_36869808/article/details/104094830sunset: duskhttps://www.vulnhub.com/entry/sunset-sunrise,406/https://blog.csdn.net/qq_36869808/article/details/104098713Hacker Fest: 2019https://blog.csdn.net/qq_36869808/article/details/104103087Os-hackNos-2.1https://blog.csdn.net/qq_36869808/article/details/104113497EnuBox：Matteresthttps://blog.csdn.net/qq_36869808/article/details/104124056Kioptrix: Level 1 (#1)https://blog.csdn.net/qq_36869808/article/details/104127309Os-hackNos-3Os-hackNos-3hackNos: Os-Haxhttps://blog.csdn.net/qq_36869808/article/details/104152717Os-hackNos-1https://blog.csdn.net/qq_36869808/article/details/104155969DC-1https://blog.csdn.net/qq_36869808/article/details/104175455DC-2https://blog.csdn.net/qq_36869808/article/details/104197922DC-3https://blog.csdn.net/qq_36869808/article/details/104198091DC-4https://blog.csdn.net/qq_36869808/article/details/104207970DC-5https://blog.csdn.net/qq_36869808/article/details/104227201DC-6https://blog.csdn.net/qq_36869808/article/details/104238480DC-7https://blog.csdn.net/qq_36869808/article/details/104248506DC-8https://blog.csdn.net/qq_36869808/article/details/104254680In Plain Sight: 1.0.1https://blog.csdn.net/qq_36869808/article/details/104269729EVM:1https://blog.csdn.net/qq_36869808/article/details/104278019HA: Wordyhttps://blog.csdn.net/qq_36869808/article/details/104380631Kioptrix: Level 1.1 (#2)https://blog.csdn.net/qq_36869808/article/details/104407873Hackademic: RTB1https://blog.csdn.net/qq_36869808/article/details/104439423Hackademic: RTB2https://blog.csdn.net/qq_36869808/article/details/104439491xerxes-1https://blog.csdn.net/qq_36869808/article/details/104555258Kioptrix: Level 1.3 (#4)https://blog.csdn.net/qq_36869808/article/details/104555290Bot Challenges: RA1NXing Botshttps://blog.csdn.net/qq_36869808/article/details/104557397SecOS: 1https://blog.csdn.net/qq_36869808/article/details/104599020Hell: 1https://blog.csdn.net/qq_36869808/article/details/104638986NullByte: 1https://blog.csdn.net/qq_36869808/article/details/104860722/dev/random: Pipehttps://blog.csdn.net/qq_36869808/article/details/104880540PRIMER: 1.0.1https://blog.csdn.net/qq_36869808/article/details/1049208710x04 HackTheBox总览题目链接Postmanhttps://blog.csdn.net/qq_36869808/article/details/104041579Lamehttps://blog.csdn.net/qq_36869808/article/details/105486278Postmanhttps://blog.csdn.net/qq_36869808/article/details/104041579Legacyhttps://blog.csdn.net/qq_36869808/article/details/105767231Popcornhttps://blog.csdn.net/qq_36869808/article/details/106016608Beephttps://blog.csdn.net/qq_36869808/article/details/106020152Develhttps://blog.csdn.net/qq_36869808/article/details/106215375Bastardhttps://blog.csdn.net/qq_36869808/article/details/106238241Optimumhttps://blog.csdn.net/qq_36869808/article/details/106337535Cronoshttps://blog.csdn.net/qq_36869808/article/details/106494496Tentenhttps://blog.csdn.net/qq_36869808/article/details/106786075Brainfuck（环境问题，未完待续）https://blog.csdn.net/qq_36869808/article/details/107018478Lazyhttps://blog.csdn.net/qq_36869808/article/details/107023946Sneaky(未完成待续)https://blog.csdn.net/qq_36869808/article/details/107179373Jokerhttps://blog.csdn.net/qq_36869808/article/details/107340618Haircuthttps://blog.csdn.net/qq_36869808/article/details/107455806