GOAD-Light Part 1: Host Reconnaissance

[Figure: GOAD-Light lab schema]

Enumerating the network

Scanning the NetBIOS/SMB protocol with crackmapexec (cme) quickly yields the IP address, name and domain of every Windows machine on the subnet.

Windows machines normally expose SMB (port 445) and NetBIOS (port 139). Over these protocols a machine announces its hostname, domain name and operating system version.

┌──(root㉿kali)-[/home/kali/GOAD]                                          
└─# crackmapexec smb 192.168.56.0/24
SMB 192.168.56.10 445 KINGSLANDING [*] Windows 10.0 Build 17763 x64 (name:KINGSLANDING) (domain:sevenkingdoms.local) (signing:True) (SMBv1:False)
SMB 192.168.56.11 445 WINTERFELL [*] Windows 10.0 Build 17763 x64 (name:WINTERFELL) (domain:north.sevenkingdoms.local) (signing:True) (SMBv1:False)
SMB 192.168.56.22 445 CASTELBLACK [*] Windows 10.0 Build 17763 x64 (name:CASTELBLACK) (domain:north.sevenkingdoms.local) (signing:False) (SMBv1:False)

The output reveals two domains:

  • sevenkingdoms.local
    • 192.168.56.10 KINGSLANDING signing:True
  • north.sevenkingdoms.local
    • 192.168.56.11 WINTERFELL signing:True
    • 192.168.56.22 CASTELBLACK signing:False

Microsoft requires SMB signing on domain controllers by default, so KINGSLANDING and WINTERFELL are most likely the DCs.

In a hardened environment, signing should be required everywhere, not only on DCs, to prevent NTLM relay attacks.

SMB is a network file-sharing protocol, so it needs a network port on the computer or server to talk to other systems. SMB uses IP port 139 or 445:

  • Port 139: SMB originally ran on top of NetBIOS using port 139. NetBIOS is an older transport layer that lets Windows computers on the same network communicate with each other.
  • Port 445: later versions of SMB (after Windows 2000) began using port 445 directly on top of the TCP stack; running over TCP lets SMB work across the Internet.
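The following Python script is an added example and not part of the original post. It parses crackmapexec "smb" lines like the three above, groups the hosts by domain, and applies the heuristic just described: hosts that require signing are probably DCs, and hosts that do not are the ones an NTLM relay would succeed against, so they are the ones to fix first. The regular expression and the dictionary keys are my assumptions about the cme output format shown on this page; the sample input is copied from the scan above.

```python
import re
from collections import defaultdict

# Matches one "SMB ..." line as crackmapexec prints it in the scan above.
# cme pads the columns with varying whitespace, so every gap is matched with \s+.
CME_LINE = re.compile(
    r"^SMB\s+(?P<ip>\d+\.\d+\.\d+\.\d+)\s+(?P<port>\d+)\s+(?P<host>\S+)\s+\[\*\]\s+"
    r"(?P<os>.+?)\s+\(name:(?P<name>[^)]+)\)\s+\(domain:(?P<domain>[^)]+)\)\s+"
    r"\(signing:(?P<signing>True|False)\)\s+\(SMBv1:(?P<smbv1>True|False)\)"
)

# The three lines returned by the scan on this page (copied from the output above).
SAMPLE = """
SMB 192.168.56.10 445 KINGSLANDING [*] Windows 10.0 Build 17763 x64 (name:KINGSLANDING) (domain:sevenkingdoms.local) (signing:True) (SMBv1:False)
SMB 192.168.56.11 445 WINTERFELL [*] Windows 10.0 Build 17763 x64 (name:WINTERFELL) (domain:north.sevenkingdoms.local) (signing:True) (SMBv1:False)
SMB 192.168.56.22 445 CASTELBLACK [*] Windows 10.0 Build 17763 x64 (name:CASTELBLACK) (domain:north.sevenkingdoms.local) (signing:False) (SMBv1:False)
"""


def parse_cme(text):
    """Turn cme output into a list of host dicts; lines that do not match are skipped."""
    hosts = []
    for line in text.splitlines():
        m = CME_LINE.match(line.strip())
        if not m:
            continue
        hosts.append({
            "ip": m["ip"],
            "name": m["name"],
            "domain": m["domain"].lower(),
            "os": m["os"],
            "signing": m["signing"] == "True",
            "smbv1": m["smbv1"] == "True",
        })
    return hosts


def group_by_domain(hosts):
    """Map domain -> list of host names, preserving scan order."""
    grouped = defaultdict(list)
    for h in hosts:
        grouped[h["domain"]].append(h["name"])
    return dict(grouped)


def likely_dcs(hosts):
    """Heuristic from the post: DCs require SMB signing by default."""
    return [h["name"] for h in hosts if h["signing"]]


def relay_exposed(hosts):
    """Hosts where signing is not required: an NTLM relay would succeed, so fix these first."""
    return [h["name"] for h in hosts if not h["signing"]]


if __name__ == "__main__":
    found = parse_cme(SAMPLE)
    for domain, names in group_by_domain(found).items():
        print(f"{domain}: {', '.join(names)}")
    print("probable DCs:", likely_dcs(found))
    print("signing not required:", relay_exposed(found))
```

On a real engagement the script reads the saved cme output instead of SAMPLE; the signing heuristic only identifies likely DCs and should be confirmed with the SRV lookups in the next section.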

Finding the DCs

Enumerate the domain controllers (DCs) by querying DNS with nslookup.

An SRV (Service) record is a DNS record type that locates a service rather than just a host. It tells the client:

  • where a given service can be found
  • on which port
  • which server has the higher priority
  • how load is balanced between servers

_ldap._tcp

  • the LDAP service offered over TCP

Question: "I want to find the LDAP service for the sevenkingdoms.local domain."
Plain DNS: only returns an IP; it says nothing about the port or about which host is a domain controller.

The SRV record answers:
"Connect over TCP to port 389 of dc1.sevenkingdoms.local,
priority 0, weight 100, and there is also a backup dc2..."
nslookup -type=srv _ldap._tcp.dc._msdcs.sevenkingdoms.local 192.168.56.10
┌──(root㉿kali)-[/home/kali/GOAD]                                         
└─# nslookup -type=srv _ldap._tcp.dc._msdcs.sevenkingdoms.local 192.168.56.10
Server: 192.168.56.10
Address: 192.168.56.10#53
_ldap._tcp.dc._msdcs.sevenkingdoms.local service = 0 100 389 kingslanding.sevenkingdoms.local.
nslookup -type=srv _ldap._tcp.dc._msdcs.north.sevenkingdoms.local 192.168.56.10
┌──(root㉿kali)-[/home/kali/GOAD]                                         
└─# nslookup -type=srv _ldap._tcp.dc._msdcs.north.sevenkingdoms.local 192.168.56.10
Server: 192.168.56.10
Address: 192.168.56.10#53
Non-authoritative answer:
_ldap._tcp.dc._msdcs.north.sevenkingdoms.local service = 0 100 389 winterfell.north.sevenkingdoms.local.
Authoritative answers can be found from:
winterfell.north.sevenkingdoms.local internet address = 192.168.56.11
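As an added example (mine, not from the original post), the Python helper below parses the "service = ..." answer lines and the glue "internet address" line from the two nslookup queries above, strips the trailing dot from the target, and orders the records the way a client is expected to under RFC 2782: lowest priority first, then weighted-random among records of equal priority. The random source is injectable so the ordering can be checked deterministically. The dc1/dc2/dc3 record set is constructed to illustrate priority and weight, mirroring the post's dc1/dc2 illustration; the lab only returned one DC per domain.

```python
import random
import re
from dataclasses import dataclass

# "_ldap._tcp.dc._msdcs.<domain> service = <priority> <weight> <port> <target>."
SRV_LINE = re.compile(
    r"^(?P<name>\S+)\s+service = (?P<prio>\d+) (?P<weight>\d+) (?P<port>\d+) (?P<target>\S+)$"
)
# "<host> internet address = <ip>"  (glue record nslookup prints under the answer)
ADDR_LINE = re.compile(r"^(?P<host>\S+)\s+internet address = (?P<ip>[\d.]+)$")

# Copied from the two nslookup answers above.
LAB_OUTPUT = """
Server: 192.168.56.10
Address: 192.168.56.10#53
_ldap._tcp.dc._msdcs.sevenkingdoms.local service = 0 100 389 kingslanding.sevenkingdoms.local.
Non-authoritative answer:
_ldap._tcp.dc._msdcs.north.sevenkingdoms.local service = 0 100 389 winterfell.north.sevenkingdoms.local.
Authoritative answers can be found from:
winterfell.north.sevenkingdoms.local internet address = 192.168.56.11
"""


@dataclass(frozen=True)
class SrvRecord:
    name: str
    priority: int
    weight: int
    port: int
    target: str


# Constructed records (not from the lab): two DCs share priority 0 with different
# weights, and a third is a fallback that is only tried when the first two fail.
CONSTRUCTED = [
    SrvRecord("_ldap._tcp.example.local", 0, 100, 389, "dc1.example.local"),
    SrvRecord("_ldap._tcp.example.local", 0, 50, 389, "dc2.example.local"),
    SrvRecord("_ldap._tcp.example.local", 10, 100, 389, "dc3.example.local"),
]


def parse_nslookup_srv(text):
    """Return (records, glue) from the output of nslookup -type=srv."""
    records, glue = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        m = SRV_LINE.match(line)
        if m:
            records.append(SrvRecord(m["name"], int(m["prio"]), int(m["weight"]),
                                     int(m["port"]), m["target"].rstrip(".")))
            continue
        m = ADDR_LINE.match(line)
        if m:
            glue[m["host"].rstrip(".")] = m["ip"]
    return records, glue


def order_srv(records, rand=random.random):
    """Order records as RFC 2782 prescribes: ascending priority, then weighted random."""
    ordered = []
    for prio in sorted({r.priority for r in records}):
        pool = [r for r in records if r.priority == prio]
        while pool:
            total = sum(r.weight for r in pool)
            pick = pool[0]                      # all weights zero: plain order
            if total > 0:
                threshold = rand() * total      # rand() is in [0, 1)
                running = 0
                for r in pool:
                    running += r.weight
                    if running >= threshold:    # heavier records are hit more often
                        pick = r
                        break
            ordered.append(pick)
            pool.remove(pick)
    return ordered


if __name__ == "__main__":
    recs, glue = parse_nslookup_srv(LAB_OUTPUT)
    for r in recs:
        print(f"{r.name}: {r.target}:{r.port} (prio {r.priority}, weight {r.weight}) "
              f"-> {glue.get(r.target, 'no glue record')}")
    print("client order:", [r.target for r in order_srv(CONSTRUCTED)])
```

Note that a record set with a single entry, as in this lab, makes priority and weight irrelevant; the ordering logic matters once a domain has several DCs.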

Configuring /etc/hosts and Kerberos

  • To use Kerberos from our Linux environment we need some configuration.
  • First, we set up name resolution by configuring the /etc/hosts file.

192.168.56.10   sevenkingdoms.local kingslanding.sevenkingdoms.local kingslanding  
192.168.56.11 winterfell.north.sevenkingdoms.local north.sevenkingdoms.local winterfell
192.168.56.22 castelblack.north.sevenkingdoms.local castelblack

Install the Linux Kerberos client

sudo apt install krb5-user

Answer the installer prompts as follows:

realm: north.sevenkingdoms.local
servers: winterfell.north.sevenkingdoms.local

Configure /etc/krb5.conf

sudo tee /etc/krb5.conf << 'EOF'
[libdefaults]
default_realm = NORTH.SEVENKINGDOMS.LOCAL
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true

[realms]
NORTH.SEVENKINGDOMS.LOCAL = {
kdc = winterfell.north.sevenkingdoms.local
admin_server = winterfell.north.sevenkingdoms.local
}
SEVENKINGDOMS.LOCAL = {
kdc = kingslanding.sevenkingdoms.local
admin_server = kingslanding.sevenkingdoms.local
}

[domain_realm]
.north.sevenkingdoms.local = NORTH.SEVENKINGDOMS.LOCAL
north.sevenkingdoms.local = NORTH.SEVENKINGDOMS.LOCAL
.sevenkingdoms.local = SEVENKINGDOMS.LOCAL
sevenkingdoms.local = SEVENKINGDOMS.LOCAL
winterfell.north.sevenkingdoms.local = NORTH.SEVENKINGDOMS.LOCAL
winterfell = NORTH.SEVENKINGDOMS.LOCAL
EOF

Now that Kerberos is set up in our environment, we test whether we can obtain a TGT for a user (assuming the user's password is already known).

impacket-getTGT north.sevenkingdoms.local/arya.stark:Needle -dc-ip 192.168.56.11

Set the environment variable

export KRB5CCNAME=arya.stark.ccache

Test connectivity

impacket-smbclient -k @winterfell

Kerberos is working correctly; discard the ticket:

unset KRB5CCNAME
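The Kerberos client only works when /etc/hosts, the realm names and the KDC names all agree, and a typo in any of them produces an unhelpful getTGT or smbclient -k failure. The following Python checker is an added example, not from the original post: it reads the /etc/hosts and krb5.conf contents shown above (embedded as strings) and reports a default_realm with no [realms] entry, a domain_realm mapping to an undefined realm, a realm name that is not upper-case, and a kdc or admin_server host that /etc/hosts cannot resolve. The parser only understands the simple layout used here (one key = value per line, realms opened with "{" and closed with "}"), which is an assumption of mine.

```python
# /etc/hosts lines from the post.
HOSTS = """
192.168.56.10   sevenkingdoms.local kingslanding.sevenkingdoms.local kingslanding
192.168.56.11 winterfell.north.sevenkingdoms.local north.sevenkingdoms.local winterfell
192.168.56.22 castelblack.north.sevenkingdoms.local castelblack
"""

# /etc/krb5.conf body from the post (the part between the EOF markers).
KRB5_CONF = """
[libdefaults]
default_realm = NORTH.SEVENKINGDOMS.LOCAL
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true

[realms]
NORTH.SEVENKINGDOMS.LOCAL = {
kdc = winterfell.north.sevenkingdoms.local
admin_server = winterfell.north.sevenkingdoms.local
}
SEVENKINGDOMS.LOCAL = {
kdc = kingslanding.sevenkingdoms.local
admin_server = kingslanding.sevenkingdoms.local
}

[domain_realm]
.north.sevenkingdoms.local = NORTH.SEVENKINGDOMS.LOCAL
north.sevenkingdoms.local = NORTH.SEVENKINGDOMS.LOCAL
.sevenkingdoms.local = SEVENKINGDOMS.LOCAL
sevenkingdoms.local = SEVENKINGDOMS.LOCAL
winterfell.north.sevenkingdoms.local = NORTH.SEVENKINGDOMS.LOCAL
winterfell = NORTH.SEVENKINGDOMS.LOCAL
"""


def parse_hosts(text):
    """Return the set of names (lower-cased) that /etc/hosts can resolve."""
    names = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if line:
            names.update(n.lower() for n in line.split()[1:])
    return names


def parse_krb5(text):
    """Minimal parser for the [libdefaults]/[realms]/[domain_realm] layout above."""
    conf = {"libdefaults": {}, "realms": {}, "domain_realm": {}}
    section = realm = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section, realm = line[1:-1], None
            continue
        if section == "realms":
            if line.endswith("{"):                       # "REALM = {" opens a block
                realm = line.split("=", 1)[0].strip()
                conf["realms"][realm] = {}
            elif line == "}":
                realm = None
            elif realm and "=" in line:                  # kdc / admin_server (may repeat)
                key, value = (s.strip() for s in line.split("=", 1))
                conf["realms"][realm].setdefault(key, []).append(value)
        elif section in conf and "=" in line:
            key, value = (s.strip() for s in line.split("=", 1))
            conf[section][key] = value
    return conf


def check_krb5(krb5_text, hosts_text):
    """Return human-readable findings; an empty list means the two files are consistent."""
    conf = parse_krb5(krb5_text)
    resolvable = parse_hosts(hosts_text)
    findings = []
    default = conf["libdefaults"].get("default_realm")
    if default is None:
        findings.append("no default_realm in [libdefaults]")
    elif default not in conf["realms"]:
        findings.append(f"default_realm {default} has no [realms] entry")
    for realm, settings in conf["realms"].items():
        if realm != realm.upper():
            findings.append(f"realm {realm} is not upper-case (realm names are case-sensitive)")
        for key in ("kdc", "admin_server"):
            for value in settings.get(key, []):
                host = value.split(":", 1)[0].lower()    # strip an optional :port
                if host not in resolvable:
                    findings.append(f"{realm}: {key} {host} is not resolvable via /etc/hosts")
    for domain, realm in conf["domain_realm"].items():
        if realm not in conf["realms"]:
            findings.append(f"domain_realm {domain} maps to undefined realm {realm}")
    return findings


if __name__ == "__main__":
    print(check_krb5(KRB5_CONF, HOSTS) or "krb5.conf and /etc/hosts are consistent")
```

On a real system the two strings are replaced by the contents of /etc/hosts and /etc/krb5.conf; the check is worth running before the getTGT step, because a name that does not resolve fails there with a generic error.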

nmap

nmap pings each target before scanning it; a target that does not answer the ping is skipped.

To make sure we miss nothing on TCP, scan with the following options:

nmap -Pn -p- -sC -sV -oA full_scan_goad 192.168.56.10-11,22

  • -Pn: skip the ping and scan every IP provided
  • -p-: scan all 65535 ports
  • -sC: run the default NSE scripts
  • -sV: probe for service versions
  • -oA: write the results in all three formats (normal nmap, grepable, XML)
┌──(kali㉿kali)-[~/GOAD]
└─$ cat full_scan_goad.nmap
# Nmap 7.93 scan initiated Wed Jan 21 03:03:16 2026 as: nmap -Pn -p- -sC -sV -oA full_scan_goad 192.168.56.10-11,22
Nmap scan report for sevenkingdoms.local (192.168.56.10)
Host is up (0.00016s latency).
Not shown: 65506 closed tcp ports (reset)
PORT STATE SERVICE VERSION
53/tcp open domain Simple DNS Plus
80/tcp open http Microsoft IIS httpd 10.0
|_http-server-header: Microsoft-IIS/10.0
| http-methods:
|_ Potentially risky methods: TRACE
|_http-title: IIS Windows Server
88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2026-01-21 08:03:47Z)
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=kingslanding.sevenkingdoms.local
| Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:kingslanding.sevenkingdoms.local
| Not valid before: 2026-01-19T15:49:33
|_Not valid after: 2027-01-19T15:49:33
445/tcp open microsoft-ds?
464/tcp open kpasswd5?
593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
636/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
| ssl-cert: Subject: commonName=kingslanding.sevenkingdoms.local
| Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:kingslanding.sevenkingdoms.local
| Not valid before: 2026-01-19T15:49:33
|_Not valid after: 2027-01-19T15:49:33
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
3268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
| ssl-cert: Subject: commonName=kingslanding.sevenkingdoms.local
| Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:kingslanding.sevenkingdoms.local
| Not valid before: 2026-01-19T15:49:33
|_Not valid after: 2027-01-19T15:49:33
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
3269/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=kingslanding.sevenkingdoms.local
| Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:kingslanding.sevenkingdoms.local
| Not valid before: 2026-01-19T15:49:33
|_Not valid after: 2027-01-19T15:49:33
3389/tcp open ms-wbt-server Microsoft Terminal Services
| ssl-cert: Subject: commonName=kingslanding.sevenkingdoms.local
| Not valid before: 2026-01-18T15:02:03
|_Not valid after: 2026-07-20T15:02:03
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
5986/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=VAGRANT
| Subject Alternative Name: DNS:VAGRANT, DNS:vagrant
| Not valid before: 2026-01-18T04:55:49
|_Not valid after: 2029-01-17T04:55:49
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
| tls-alpn:
|_ http/1.1
9389/tcp open mc-nmf .NET Message Framing
47001/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
49664/tcp open msrpc Microsoft Windows RPC
49665/tcp open msrpc Microsoft Windows RPC
49666/tcp open msrpc Microsoft Windows RPC
49668/tcp open msrpc Microsoft Windows RPC
49669/tcp open msrpc Microsoft Windows RPC
49670/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
49671/tcp open msrpc Microsoft Windows RPC
49673/tcp open msrpc Microsoft Windows RPC
49676/tcp open msrpc Microsoft Windows RPC
49686/tcp open msrpc Microsoft Windows RPC
49699/tcp open msrpc Microsoft Windows RPC
56546/tcp open msrpc Microsoft Windows RPC
MAC Address: 08:00:27:BD:E5:9F (Oracle VirtualBox virtual NIC)
Service Info: Host: KINGSLANDING; OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:
| smb2-time:
| date: 2026-01-21T08:05:47
|_ start_date: N/A
| smb2-security-mode:
| 311:
|_ Message signing enabled and required
|_nbstat: NetBIOS name: KINGSLANDING, NetBIOS user: <unknown>, NetBIOS MAC: 080027bde59f (Oracle VirtualBox virtual NIC)

Nmap scan report for winterfell.north.sevenkingdoms.local (192.168.56.11)
Host is up (0.00022s latency).
Not shown: 65508 closed tcp ports (reset)
PORT STATE SERVICE VERSION
53/tcp open domain Simple DNS Plus
88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2026-01-21 08:03:53Z)
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=winterfell.north.sevenkingdoms.local
| Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:winterfell.north.sevenkingdoms.local
| Not valid before: 2026-01-19T17:26:02
|_Not valid after: 2027-01-19T17:26:02
445/tcp open microsoft-ds?
464/tcp open kpasswd5?
593/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
636/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=winterfell.north.sevenkingdoms.local
| Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:winterfell.north.sevenkingdoms.local
| Not valid before: 2026-01-19T17:26:02
|_Not valid after: 2027-01-19T17:26:02
3268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=winterfell.north.sevenkingdoms.local
| Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:winterfell.north.sevenkingdoms.local
| Not valid before: 2026-01-19T17:26:02
|_Not valid after: 2027-01-19T17:26:02
3269/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=winterfell.north.sevenkingdoms.local
| Subject Alternative Name: othername: 1.3.6.1.4.1.311.25.1::<unsupported>, DNS:winterfell.north.sevenkingdoms.local
| Not valid before: 2026-01-19T17:26:02
|_Not valid after: 2027-01-19T17:26:02
3389/tcp open ms-wbt-server Microsoft Terminal Services
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| rdp-ntlm-info:
| Target_Name: NORTH
| NetBIOS_Domain_Name: NORTH
| NetBIOS_Computer_Name: WINTERFELL
| DNS_Domain_Name: north.sevenkingdoms.local
| DNS_Computer_Name: winterfell.north.sevenkingdoms.local
| DNS_Tree_Name: sevenkingdoms.local
| Product_Version: 10.0.17763
|_ System_Time: 2026-01-21T08:05:50+00:00
| ssl-cert: Subject: commonName=winterfell.north.sevenkingdoms.local
| Not valid before: 2026-01-18T15:35:52
|_Not valid after: 2026-07-20T15:35:52
5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
5986/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
|_http-title: Not Found
| ssl-cert: Subject: commonName=VAGRANT
| Subject Alternative Name: DNS:VAGRANT, DNS:vagrant
| Not valid before: 2026-01-18T05:12:07
|_Not valid after: 2029-01-17T05:12:07
| tls-alpn:
|_ http/1.1
|_http-server-header: Microsoft-HTTPAPI/2.0
9389/tcp open mc-nmf .NET Message Framing
47001/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-title: Not Found
|_http-server-header: Microsoft-HTTPAPI/2.0
49664/tcp open msrpc Microsoft Windows RPC
49665/tcp open msrpc Microsoft Windows RPC
49666/tcp open msrpc Microsoft Windows RPC
49669/tcp open msrpc Microsoft Windows RPC
49671/tcp open msrpc Microsoft Windows RPC
49679/tcp open ncacn_http Microsoft Windows RPC over HTTP 1.0
49680/tcp open msrpc Microsoft Windows RPC
49684/tcp open msrpc Microsoft Windows RPC
49690/tcp open msrpc Microsoft Windows RPC
49719/tcp open msrpc Microsoft Windows RPC
49783/tcp open msrpc Microsoft Windows RPC
MAC Address: 08:00:27:0C:46:BA (Oracle VirtualBox virtual NIC)
Service Info: Host: WINTERFELL; OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:
|_nbstat: NetBIOS name: WINTERFELL, NetBIOS user: <unknown>, NetBIOS MAC: 0800270c46ba (Oracle VirtualBox virtual NIC)
| smb2-security-mode:
| 311:
|_ Message signing enabled and required
| smb2-time:
| date: 2026-01-21T08:05:47
|_ start_date: N/A

Nmap scan report for castelblack.north.sevenkingdoms.local (192.168.56.22)
Host is up (0.00012s latency).
Not shown: 65516 closed tcp ports (reset)
PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd 10.0
| http-methods:
|_ Potentially risky methods: TRACE
|_http-server-header: Microsoft-IIS/10.0
|_http-title: Site doesn't have a title (text/html).
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds?
1433/tcp open ms-sql-s Microsoft SQL Server 2019 15.00.2000.00; RTM
|_ms-sql-ntlm-info: ERROR: Script execution failed (use -d to debug)
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=SSL_Self_Signed_Fallback
| Not valid before: 2026-01-21T07:26:11
|_Not valid after: 2056-01-21T07:26:11
|_ms-sql-info: ERROR: Script execution failed (use -d to debug)
3389/tcp open ms-wbt-server Microsoft Terminal Services
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| ssl-cert: Subject: commonName=castelblack.north.sevenkingdoms.local
| Not valid before: 2026-01-18T15:49:51
|_Not valid after: 2026-07-20T15:49:51
5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
5986/tcp open ssl/http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
| ssl-cert: Subject: commonName=VAGRANT
| Subject Alternative Name: DNS:VAGRANT, DNS:vagrant
| Not valid before: 2026-01-18T05:27:24
|_Not valid after: 2029-01-17T05:27:24
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
| tls-alpn:
|_ http/1.1
|_http-title: Not Found
47001/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
49664/tcp open msrpc Microsoft Windows RPC
49665/tcp open msrpc Microsoft Windows RPC
49666/tcp open msrpc Microsoft Windows RPC
49668/tcp open msrpc Microsoft Windows RPC
49669/tcp open msrpc Microsoft Windows RPC
49670/tcp open msrpc Microsoft Windows RPC
49708/tcp open msrpc Microsoft Windows RPC
49726/tcp open msrpc Microsoft Windows RPC
49734/tcp open msrpc Microsoft Windows RPC
49813/tcp open ms-sql-s Microsoft SQL Server 2019 15.00.2000.00; RTM
|_ssl-date: 2026-01-21T08:05:55+00:00; 0s from scanner time.
|_ms-sql-info: ERROR: Script execution failed (use -d to debug)
| ssl-cert: Subject: commonName=SSL_Self_Signed_Fallback
| Not valid before: 2026-01-21T07:26:11
|_Not valid after: 2056-01-21T07:26:11
|_ms-sql-ntlm-info: ERROR: Script execution failed (use -d to debug)
MAC Address: 08:00:27:10:76:8C (Oracle VirtualBox virtual NIC)
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:
| smb2-security-mode:
| 311:
|_ Message signing enabled but not required
| smb2-time:
| date: 2026-01-21T08:05:49
|_ start_date: N/A
|_nbstat: NetBIOS name: CASTELBLACK, NetBIOS user: <unknown>, NetBIOS MAC: 08002710768c (Oracle VirtualBox virtual NIC)

Post-scan script results:
| clock-skew:
| 0s:
| 192.168.56.11 (winterfell.north.sevenkingdoms.local)
| 192.168.56.10 (sevenkingdoms.local)
|_ 192.168.56.22 (castelblack.north.sevenkingdoms.local)
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Wed Jan 21 03:05:55 2026 -- 3 IP addresses (3 hosts up) scanned in 159.85 seconds
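The scan above is long, and with three hosts it is already worth reducing mechanically. The Python parser below is an added example (mine, not the post's): it reads the normal-format .nmap output, collects the open ports per host and the smb2-security-mode result from the host-script section, and derives a rough role for each host from its port set. The role rules are my heuristics (all of 88/389/636/3268/3269 open is the domain-controller signature; 1433 is MSSQL; 5985/5986 is WinRM), not something nmap reports. The embedded input is a shortened copy of the full_scan_goad.nmap output above.

```python
import re

REPORT = re.compile(r"^Nmap scan report for (?P<name>\S+)(?: \((?P<ip>[\d.]+)\))?$")
PORT = re.compile(r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+(?P<service>\S+)\s*(?P<version>.*)$")

DC_PORTS = {88, 389, 636, 3268, 3269}   # Kerberos, LDAP, LDAPS, Global Catalog, GC over SSL

# Shortened copy of the scan output above (only some port lines kept per host).
SAMPLE = """
Nmap scan report for sevenkingdoms.local (192.168.56.10)
Host is up (0.00016s latency).
PORT STATE SERVICE VERSION
53/tcp open domain Simple DNS Plus
80/tcp open http Microsoft IIS httpd 10.0
| http-methods:
|_ Potentially risky methods: TRACE
88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2026-01-21 08:03:47Z)
389/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
445/tcp open microsoft-ds?
636/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
3268/tcp open ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
3269/tcp open ssl/ldap Microsoft Windows Active Directory LDAP (Domain: sevenkingdoms.local0., Site: Default-First-Site-Name)
3389/tcp open ms-wbt-server Microsoft Terminal Services
5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
Service Info: Host: KINGSLANDING; OS: Windows; CPE: cpe:/o:microsoft:windows

Host script results:
| smb2-security-mode:
| 311:
|_ Message signing enabled and required

Nmap scan report for castelblack.north.sevenkingdoms.local (192.168.56.22)
Host is up (0.00012s latency).
PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd 10.0
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds?
1433/tcp open ms-sql-s Microsoft SQL Server 2019 15.00.2000.00; RTM
3389/tcp open ms-wbt-server Microsoft Terminal Services
5985/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)

Host script results:
| smb2-security-mode:
| 311:
|_ Message signing enabled but not required

Post-scan script results:
| clock-skew:
|_ 0s:
"""


def parse_nmap(text):
    """Return one dict per host: name, ip, open ports {port: (service, version)}, signing flag."""
    hosts, cur, in_scripts = [], None, False
    for raw in text.splitlines():
        line = raw.rstrip()
        m = REPORT.match(line)
        if m:                                   # a new host section starts here
            cur = {"name": m["name"], "ip": m["ip"] or m["name"], "ports": {}, "signing_required": None}
            hosts.append(cur)
            in_scripts = False
            continue
        if cur is None:
            continue
        if line.startswith("Host script results"):
            in_scripts = True
            continue
        if line.startswith("Post-scan script results"):
            cur = None                          # nothing after this belongs to a host
            continue
        m = PORT.match(line)
        if m and m["state"] == "open":
            cur["ports"][int(m["port"])] = (m["service"], m["version"].strip())
            continue
        if in_scripts and "Message signing" in line:
            cur["signing_required"] = "not required" not in line
    return hosts


def classify(host):
    """Rough role guess from the open-port set; order of checks fixes the output order."""
    ports = set(host["ports"])
    roles = []
    if DC_PORTS <= ports:
        roles.append("domain-controller")
    if 53 in ports:
        roles.append("dns")
    if 1433 in ports:
        roles.append("mssql")
    if 80 in ports or 443 in ports:
        roles.append("web")
    if ports & {5985, 5986}:
        roles.append("winrm")
    if 3389 in ports:
        roles.append("rdp")
    return roles


def signing_not_required(hosts):
    """Hosts whose smb2-security-mode result says signing is optional."""
    return [h["name"] for h in hosts if h["signing_required"] is False]


if __name__ == "__main__":
    for h in parse_nmap(SAMPLE):
        print(f"{h['ip']:<15} {h['name']:<40} {', '.join(classify(h))}")
```

The role guess for KINGSLANDING and the signing result for CASTELBLACK match what the crackmapexec scan at the top of the post already suggested, which is the point of reading the same facts from two tools.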

http://xiaowu5.cn/2026/01/21/GOAD-Light-Part1-主机侦察/
Author: 5
Published: 21 January 2026
License: BY XIAOWU