Matrix-Breakout-2-Morpheus (New)
前言 之前的文章虽然写过这一个机器,但是却不是预期路线,这里重新打一遍 Nmap [root@Hacking] /home/kali/Matrix ❯ nmap 192.168.237.173 -A -p- Starting Nmap 7.95 ( https://nmap.org ) at 2025-08-30 09:07 CST Nmap scan report for 192.168.237.173 Host is up (0.00032s latency). Not shown: 65532 closed tcp ports (reset) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 8.4p1 Debian 5 (protocol 2.0) | ssh-hostkey: |_ 256 aa:83:c3:51:78:61:70:e5:b7:46:9f:07:c4:ba:31:e4 (ECDSA) 80/tcp open http Apache httpd 2.4.51 ((Debian)) |_http-server-header: Apache/2.4.51 (Debian) |_http-title: Morpheus:1 81/tcp open http nginx 1.18.0 |_http-server-header: nginx/1.18.0 | http-auth: | HTTP/1.1 401 Unauthorized\x0D |_ Basic realm=Meeting Place |_http-title: 401 Authorization Required Feroxbuster [root@Hacking] /home/kali/Matrix ❯ feroxbuster -u 'http://192.168.237.173/' -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x txt,php ___ ___ __ __ __ __ __ ___ |__ |__ |__) |__) | / ` / \ \_/ | | \ |__ | |___ | \ | \ | \__, \__/ / \ | |__/ |___ by Ben "epi" Risher 🤓 ver: 2.11.0 ───────────────────────────┬────────────────────── 🎯 Target Url │ http://192.168.237.173/ 🚀 Threads │ 50 📖 Wordlist │ /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt 👌 Status Codes │ All Status Codes! 💥 Timeout (secs) │ 7 🦡 User-Agent │ feroxbuster/2.11.0 💉 Config File │ /etc/feroxbuster/ferox-config.toml 🔎 Extract Links │ true 💲 Extensions │ [txt, php] 🏁 HTTP methods │ [GET] 🔃 Recursion Depth │ 4 ───────────────────────────┴────────────────────── 🏁 Press [ENTER] to use the Scan Management Menu™ ────────────────────────────────────────────────── 404 GET 9l 31w 277c Auto-filtering found 404-like response and created new filter; toggle off with --dont-filter 403 GET 9l 28w 280c Auto-filtering found 404-like response and created new filter; toggle off with --dont-filter 200 GET 175l 1014w 78508c http://192.168.237.173/trinity.jpeg 200 GET 15l 45w 348c http://192.168.237.173/ 301 GET 9l 28w 323c http://192.168.237.173/javascript => http://192.168.237.173/javascript/ 200 GET 1l 7w 47c http://192.168.237.173/robots.txt 200 GET 4l 27w 139c http://192.168.237.173/graffiti.txt 200 GET 24l 56w 451c http://192.168.237.173/graffiti.php 301 GET 9l 28w 330c http://192.168.237.173/javascript/jquery => http://192.168.237.173/javascript/jquery/ 200 GET 10870l 44283w 287600c http://192.168.237.173/javascript/jquery/jquery [####################] - 3m 1984956/1984956 0s found:8 errors:0 [####################] - 3m 661638/661638 4125/s http://192.168.237.173/ [####################] - 3m 661638/661638 3743/s http://192.168.237.173/javascript/ [####################] - 3m 661638/661638 4219/s http://192.168.237.173/javascript/jquery/ 发现一个特殊的graffiti.txt和graffiti.php ...