Skyarrow's blog

ad攻击小记

比较乱，梦到哪句写哪句不管干什么事，同步域控时间准没错。 AS-REP Roasting攻击1234567891011121314┌──(root㉿kaada)-[/home/kali/Desktop]└─# impacket-GetNPUsers -usersfile users.txt -no-pass -dc-ip 10.129.231.186 certified.htb/ Impa

2026-02-18

#杂记

OSCP-Challenge-5-OSCP-B

Here's something encrypted, password is required to continue reading.

2026-04-25

#OSCP

Mazesec-MM

已有的事，后必再有。已行的事，后必再行。日光之下,并无新事。—-<传道书> 1:9 靶机ip:192.168.56.60 难度:简单涉及内容: 信息收集与枚举： Nmap 端口与服务探测、域名绑定测试。 Web 安全： Git 源码泄露利用 (git-dumper) 、Git 提交历史审计与凭据恢复 (git log, git diff) 。图形化界面逃逸： VNC 登录、

2026-04-24

#Mazesec

HackMyVM-Type

back to the history and remember when I was born回眸歷史，记得我出生时何もない砂場飛び交う雷鳴在空无一物的沙地交错的雷鸣しょうもない音で掠れた生命於无谓的声音中乾涸的生命今後千年草も生えない砂の惑星さ今后千百年间寸草不生的沙漠星球靶机ip:192.168.56.58 难度：中等涉及内容：信息搜集与边界突破：虚拟主机（Vhost）配置发现、

2026-04-24

#HVM

Proving Grounds Practice-Jacko

她奔离了海滩留下些遗憾孤单也没那么心酸我模仿着不平凡却又一边渴望着陪伴靶机ip：192.168.55.66 难度：困难涉及内容：sql语句提权，数据库代码执行，godpotato提权端口扫描 12345678910111213141516171819202122232425262728293031323334353637383940414243???(root?kali)

2026-04-20

#PG

HackMyVM-Latestwasalie

来吧来吧再来一杯吧去吧去吧都离我而去吧靶机ip:192.168.56.51 难度:低(个人认为算中等) 涉及内容: 信息收集与枚举: 端口扫描、虚拟主机 (Vhost) 识别、Docker Registry API 探测。凭证爆破: 基于 HTTP Basic Auth 的 Hydra 字典爆破。供应链攻击 (Supply Chain Attack): 私有镜像仓库投毒、Sko

2026-04-17

#HVM

OSCP-Challenge-4-OSCP A

Here's something encrypted, password is required to continue reading.

2026-04-11

#OSCP

OSCP-Challenge 2 - Relia

Here's something encrypted, password is required to continue reading.

2026-04-04

#OSCP

OSCP-Challenge 1 - Medtech

Here's something encrypted, password is required to continue reading.

2026-03-28

#oscp

HackMyVM-Rsscross

Sweet dreams are made of this甜蜜的梦由此组成Who am I to disagree?我有何资格不附和Travel the world and the seven seas我环游世界和七大洋Everybody’s looking for something每个人皆有欲求靶机ip：192.168.56.53 难度：高涉及内容：信息收集：目录爆破、敏感文件泄露（.

2026-03-27

#HVM