---

一 题目

Tags

Telnet、Network、Protocols、Reconnaissance、Weak Credentials、Misconfiguration

译文：标签、远程登录、网络、协议、侦察、弱凭证、配置错误

Connect

To attack the target machine, you must be on the same network.Connect to the Starting Point VPN using one of the following options.
It may take a minute for HTB to recognize your connection.If you don't see an update after 2-3 minutes, refresh the page.

译文：要攻击目标机器，您必须位于同一网络上。使用以下选项之一连接到起点 VPN。
HTB 可能需要一分钟才能识别您的连接。如果 2-3 分钟后没有看到更新，请刷新页面。

SPAWN MACHINE

Spawn the target machine and the IP will show here.

译文：生成目标机器，IP 将显示在此处

TASK 1

What does the acronym VM stand for?

译文：VM 缩写代表什么？

答：Virtual Machine

TASK 2

What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It's also known as a console or shell.

译文：我们使用什么工具与操作系统交互，以便通过命令行发出命令，例如启动 VPN 连接的工具？它也称为控制台或壳。

答：terminal

TASK 3

What service do we use to form our VPN connection into HTB labs?

译文：我们使用什么服务与 HTB 实验室的 VPN 建立连接？

答：openvpn

TASK 4

What tool do we use to test our connection to the target with an ICMP echo request?

译文：我们使用什么工具通过 ICMP 回显请求来测试与目标的连接？

答：ping

TASK 5

What is the name of the most common tool for finding open ports on a target?

译文：用于查找目标上开放端口的最常用工具的名称是什么？

答：nmap

TASK 6

What service do we identify on port 23/tcp during our scans?

译文：在扫描过程中，我们在端口 23/tcp 上识别出哪些服务？

答：telnet

TASK 7

What username is able to log into the target over telnet with a blank password?

译文： telnet 的什么用户名能够使用空密码登录目标？

答：root

SUBMIT FLAG

Submit root flag

译文：提交根标志

---

二 实验过程

靶机ip地址：10.129.126.87

1.端口扫描

nmap -sV 10.129.126.87

2.Telnet登录

root用户使用空密码可以通过telnet登陆服务器

3.查看flag

---