https://n0tr00t.eu.org/posts/所有文章 | n0tr00t's blogHugo -- gohugo.iozhblog@n0tr00t.eu.org (n0tr00t)blog@n0tr00t.eu.org (n0tr00t)Sun, 19 Feb 2023 12:33:08 +0000https://n0tr00t.eu.org/posts/%E5%B7%B2%E7%9F%A5%E6%89%80%E7%94%A8%E5%BC%80%E6%BA%90%E9%A1%B9%E7%9B%AE%E6%89%AB%E6%8F%8F%E7%9B%AE%E6%A0%87%E7%AB%99%E7%82%B9%E5%8F%AF%E7%94%A8%E8%B7%AF%E7%BB%8F/Sun, 19 Feb 2023 12:33:08 +0000n0tr00thttps://n0tr00t.eu.org/posts/%E5%B7%B2%E7%9F%A5%E6%89%80%E7%94%A8%E5%BC%80%E6%BA%90%E9%A1%B9%E7%9B%AE%E6%89%AB%E6%8F%8F%E7%9B%AE%E6%A0%87%E7%AB%99%E7%82%B9%E5%8F%AF%E7%94%A8%E8%B7%AF%E7%BB%8F/部署项目，在生成的站点目录下使用以下命令扫描即可 1 find | gobuster dir -w - -u https://target.comhttps://n0tr00t.eu.org/posts/%E5%AF%86%E7%A0%81%E7%AE%A1%E7%90%86%E5%99%A8password-store%E5%91%BD%E4%BB%A4%E8%A1%8C%E8%87%AA%E5%8A%A8%E5%A1%AB%E5%85%A5gpg%E7%A7%81%E9%92%A5%E5%AF%86%E7%A0%81/Mon, 26 Sep 2022 23:30:00 +0000n0tr00thttps://n0tr00t.eu.org/posts/%E5%AF%86%E7%A0%81%E7%AE%A1%E7%90%86%E5%99%A8password-store%E5%91%BD%E4%BB%A4%E8%A1%8C%E8%87%AA%E5%8A%A8%E5%A1%AB%E5%85%A5gpg%E7%A7%81%E9%92%A5%E5%AF%86%E7%A0%81/https://n0tr00t.eu.org/posts/wordpress%E7%BD%91%E7%AB%99%E6%B8%97%E9%80%8F%E6%96%B9%E6%B3%95%E6%8C%87%E5%8D%97/Thu, 15 Sep 2022 08:00:18 +0000n0tr00thttps://n0tr00t.eu.org/posts/wordpress%E7%BD%91%E7%AB%99%E6%B8%97%E9%80%8F%E6%96%B9%E6%B3%95%E6%8C%87%E5%8D%97/原作者：HACK学习呀 n0tr00t进行补充 如果您遇到使用 WordPress 的网站，您会怎么做，渗透思路和安全检测思路？ 如何挖掘Wordpress网站的漏洞 如果您访问https://target.com并查看源代码，您将看到来自 WordPress 的主题和插件的链接。 或者你可以访问https://target.com/wp-login.php，它是 WordPress 登录管理页面 通过查看核心、插件和主题版本找到相关的CVE 如何找到wordpress版本 1 2 3 4 https://target.com/feed https://target.com/?feed=rss2 https://target.com/.git/config https://target.com/SECURITY.md (开发版) 如何找到插件版本 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 https://target.com/wp-content/plugins/PLUGINNAME/.git/config https://target.com/wp-content/plugins/PLUGINNAME/changelog https://target.com/wp-content/plugins/PLUGINNAME/changelog.txt https://target.com/wp-content/plugins/PLUGINNAME/changelog.md https://target.com/wp-content/plugins/PLUGINNAME/changelog.rst https://target.https://n0tr00t.eu.org/posts/f-droid-mirrors/Mon, 05 Sep 2022 08:57:40 +0000n0tr00thttps://n0tr00t.eu.org/posts/f-droid-mirrors/F-Droid Archive The archive of the official F-Droid Free Software repository. Apps here are old and can contain known vulnerabilities and security issues! 中国科学院软件研究所 https://mirror.iscas.ac.cn/fdroid/archive?fingerprint=43238D512C1E5EB2D6569F4A3AFBF5523418B82E0A3ED1552770ABB9A9C9CCAB 清华大学 https://mirrors.tuna.tsinghua.edu.cn/fdroid/archive?fingerprint=43238D512C1E5EB2D6569F4A3AFBF5523418B82E0A3ED1552770ABB9A9C9CCAB 南京大学 https://mirror.nju.edu.cn/fdroid/archive?fingerprint=43238D512C1E5EB2D6569F4A3AFBF5523418B82E0A3ED1552770ABB9A9C9CCAB F-Droid The official F-Droid Free Software repository. Everything in this repository is always built from the source code. 中国科学院软件研究所 https://mirror.iscas.ac.cn/fdroid/repo?fingerprint=43238D512C1E5EB2D6569F4A3AFBF5523418B82E0A3ED1552770ABB9A9C9CCAB 清华大学 https://mirrors.tuna.tsinghua.edu.cn/fdroid/repo?fingerprint=43238D512C1E5EB2D6569F4A3AFBF5523418B82E0A3ED1552770ABB9A9C9CCAB 南京大学 https://mirror.nju.edu.cn/fdroid/repo?fingerprint=43238D512C1E5EB2D6569F4A3AFBF5523418B82E0A3ED1552770ABB9A9C9CCAB Collabora Office F-Droid Repo Collabora Office is a text editor, spreadsheet and presentation program based on LibreOffice, the world’s most popular Open Source office suite - and now it’s on Android, enhancing your possibilities to work on mobile and for collaboration.https://n0tr00t.eu.org/posts/tryhackme-confidentialchinese/Sat, 20 Aug 2022 00:07:23 +0000n0tr00thttps://n0tr00t.eu.org/posts/tryhackme-confidentialchinese/LibreOffice 打开文件，移动图片，扫描QR码即可。https://n0tr00t.eu.org/posts/hello-world/Mon, 18 Jul 2022 07:46:46 +0000n0tr00thttps://n0tr00t.eu.org/posts/hello-world/Hello World!