my blog
2025
08
31
prize prize
grandmas_notes看源码可知会提示密码前几位的正确性。burp攻击,记得开重定向,减缓攻击速度,即可爆出admin密码。 abcdefghijklmnopqrstuvwxyz0123456789ZAQWSXCDERFVBGTYHN
2025-08-31 q1n9
ctf wp
17
Exchanges Exchanges
Exchangesflag01扫一下 ──(kali㉿kali)-[~/桌面/tools/tools/fscan_all_version] └─$ ./fscan -h 39.98.109.189 ___
2025-08-17 q1n9
春秋云镜 渗透
13
Certify Certify
Certifyflag01┌──(kali㉿kali)-[~/桌面/tools/tools/fscan_all_version] └─$ ./fscan -h 39.98.107.120 ___
2025-08-13 q1n9
春秋云镜 渗透
13
brute4road brute4road
brute4roadflag01cd "/mnt/d/软件工具/渗透/tools/tools/fscan_all_version/fscan_all_version" ┌──(q1n9㉿LAPTOP-3H92FD9J)-[/mnt/d/软
2025-08-13 q1n9
春秋云镜 渗透
11
time time
timeflag0139.98.107.186 cd "/mnt/d/软件工具/渗透/tools/tools/fscan_all_version/fscan_all_version" q1n9@LAPTOP-3H92FD9J:/mnt/d
2025-08-11 q1n9
春秋云镜 渗透
07
nepctf nepctf
easyGooGooVVVY从Jenkins RCE看Groovy代码注入-先知社区 def process = "".class.forName('java.lang.Runtime') .getMethod('getRunti
2025-08-07 q1n9
ctf wp
04
Initial Initial
Initialflag1先用fscan扫一下 ./fscan -h 39.99.138.127 -nobr(-nobr设置不爆破弱口令) 172.22.1.15扫出来有poc-yaml-thinkphp5023-method-rce
2025-08-04 q1n9
春秋云镜 渗透