Vulnhub靶机DC系列-DC3(joomla漏洞、sqlmap注入、john 解密)

VSole2023-04-10 09:40:50

0x0：靶场介绍

靶场名称：DC: 3

靶场发布时间：2019-4-25

靶场地址：https://www.vulnhub.com/entry/dc-32,312/

靶场描述：

DC-3 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.

As with the previous DC releases, this one is designed with beginners in mind, although this time around, there is only one flag, one entry point and no clues at all.

Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools.

For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won't give you the answer, instead, I'll give you an idea about how to move forward.

For those with experience doing CTF and Boot2Root challenges, this probably won't take you long at all (in fact, it could take you less than 20 minutes easily).

If that's the case, and if you want it to be a bit more of a challenge, you can always redo the challenge and explore other ways of gaining root and obtaining the flag.

1x0：环境搭建

使用VMware(NAT)会出现没有IP的情况，下面使用virtualBox(NAT模式)

在更新完win10最新版本后会出现打开不virtualBox的情况

在安装目录中cmd 输入（就可以解决Hyper-v和vurtualBox共存的情况）

#指定vbox下的虚拟系统开启这个功能
VBoxManage setextradata "<虚拟机名字>" "VBoxInternal/NEM/UseRing0Runloop" 0
#或指定vbox所有虚拟系统开启
VBoxManage setextradata global "VBoxInternal/NEM/UseRing0Runloop" 0