-
What does the 3-letter acronym FTP stand for?
File Transfer Protocol
-
Which port does the FTP service listen on usually?
21
-
FTP sends data in the clear, without any encryption. What acronym is used for a later protocol designed to provide similar functionality to FTP but securely, as an extension of the SSH protocol?
SFTP
-
What is the command we can use to send an ICMP echo request to test our connection to the target?
ping
-
From your scans, what version is FTP running on the target?
vsftpd 3.0.3
┌─[eu-starting-point-1-dhcp]─[10.10.15.29]─[youze27@htb-sxf3wxjoxq]─[~]
└──╼ [★]$ nmap -A 10.129.15.130
Starting Nmap 7.94SVN ( https://nmap.org ) at 2025-12-08 09:06 CST
Nmap scan report for 10.129.15.130
Host is up (0.0081s latency).
Not shown: 999 closed tcp ports (reset)
PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 3.0.3 <-----
| ftp-syst:
|   STAT:
| FTP server status:
|      Connected to ::ffff:10.10.15.29
|      Logged in as ftp
|      TYPE: ASCII
|      No session bandwidth limit
|      Session timeout in seconds is 300
|      Control connection is plain text
|      Data connections will be plain text
|      At session startup, client count was 4
|      vsFTPd 3.0.3 - secure, fast, stable
|_End of status
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_-rw-r--r-- 1 0 0 32 Jun 04 2021 flag.txt
No exact OS matches for host (If you know what OS is running on it, see https://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=7.94SVN%E=4%D=12/8%OT=21%CT=1%CU=40674%PV=Y%DS=2%DC=T%G=Y%TM=6936
OS:E99F%P=x86_64-pc-linux-gnu)SEQ(SP=102%GCD=1%ISR=10C%TI=Z%CI=Z%II=I%TS=A)
OS:OPS(O1=M552ST11NW7%O2=M552ST11NW7%O3=M552NNT11NW7%O4=M552ST11NW7%O5=M552
OS:ST11NW7%O6=M552ST11)WIN(W1=FE88%W2=FE88%W3=FE88%W4=FE88%W5=FE88%W6=FE88)
OS:ECN(R=Y%DF=Y%T=40%W=FAF0%O=M552NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%
OS:F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T
OS:5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=
OS:Z%F=R%O=%RD=0%Q=)T7(R=N)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK
OS:=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)
Network Distance: 2 hops
Service Info: OS: Unix <------
TRACEROUTE (using port 111/tcp)
HOP RTT ADDRESS
1 7.30 ms 10.10.14.1
2 7.93 ms 10.129.15.130
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.31 seconds
-
From your scans, what OS type is running on the target?
Unix
-
What is the command we need to run in order to display the 'ftp' client help menu?
ftp -?
-
What is the username that is used over FTP when you want to log in without having an account?
anonymous
-
What is the response code we get for the FTP message 'Login successful'?
230
-
There are a couple of commands we can use to list the files and directories available on the FTP server. One is dir. What is the other that is a common way to list files on a Linux system.
ls
-
What is the command used to download the file we found on the FTP server?
get
-
Submit root flag
┌─[eu-starting-point-1-dhcp]─[10.10.15.29]─[youze27@htb-sxf3wxjoxq]─[~]
└──╼ [★]$ ftp 10.129.15.107
Connected to 10.129.15.107.
220 (vsFTPd 3.0.3)
Name (10.129.15.107:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Entering Extended Passive Mode (|||36792|)
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 32 Jun 04 2021 flag.txt
226 Directory send OK.
ftp> get flag.txt
local: flag.txt remote: flag.txt
229 Entering Extended Passive Mode (|||37768|)
150 Opening BINARY mode data connection for flag.txt (32 bytes).
100% |***********************************| 32 20.94 KiB/s 00:00 ETA
226 Transfer complete.
32 bytes received in 00:00 (3.54 KiB/s)
ftp> bye
221 Goodbye.
┌─[eu-starting-point-1-dhcp]─[10.10.15.29]─[youze27@htb-sxf3wxjoxq]─[~]
└──╼ [★]$ ls
cacert.der Documents flag.txt my_data Public Videos
Desktop Downloads Music Pictures Templates
┌─[eu-starting-point-1-dhcp]─[10.10.15.29]─[youze27@htb-sxf3wxjoxq]─[~]
└──╼ [★]$ cat flag.txt
035db21c881520061c53e0536e44f815
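From the defender's side, the scan and session above show two findings worth reporting on any host you own: anonymous FTP login and a plain-text control channel. The following is an added example, not part of the original notes, that pulls both out of nmap's normal output; the function name `audit_ftp` and the sample text (trimmed from the scan above) are constructed for illustration.

```python
import re

# Constructed sample: trimmed from the nmap -A output in this write-up.
SAMPLE = """\
Nmap scan report for 10.129.15.130
PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 3.0.3
| ftp-syst:
|   STAT:
|      Control connection is plain text
|      Data connections will be plain text
| ftp-anon: Anonymous FTP login allowed (FTP code 230)
|_-rw-r--r--    1 0        0              32 Jun 04  2021 flag.txt
Service Info: OS: Unix
"""

HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
PORT_RE = re.compile(r"^(\d+)/(?:tcp|udp)\s+open\s+(\S+)\s*(.*)$")
LISTING_RE = re.compile(r"^[-dl][-rwxsStT]{9}\s")

def audit_ftp(nmap_text):
    """Return one finding per open FTP port found in nmap normal output."""
    findings, host, cur = [], None, None
    for line in nmap_text.splitlines():
        if (m := HOST_RE.match(line)):
            host, cur = m.group(1), None
        elif (m := PORT_RE.match(line)):
            cur = None
            if m.group(2) == "ftp":
                cur = {"host": host, "port": int(m.group(1)),
                       "version": m.group(3).strip(), "anonymous": False,
                       "plaintext": False, "files": []}
                findings.append(cur)
        elif not line.startswith("|"):
            cur = None  # script output for the port row has ended
        elif cur is not None:
            body = line.lstrip("|_ ")
            if body.startswith("ftp-anon:") and "login allowed" in body:
                cur["anonymous"] = True
            elif "connection is plain text" in body:
                cur["plaintext"] = True
            elif LISTING_RE.match(body):
                # ls -l style row from ftp-anon: the 9th field is the name
                cur["files"].append(body.split(None, 8)[-1])
    return findings

if __name__ == "__main__":
    for finding in audit_ftp(SAMPLE):
        print(finding)
```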
-
What does the acronym VM stand for?
!!Virtual Machine!!
-
What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It's also known as a console or shell.
!!terminal!!
-
What service do we use to form our VPN connection into HTB labs?
!!openvpn!!
-
What tool do we use to test our connection to the target with an ICMP echo request?
!!ping!!
-
What is the name of the most common tool for finding open ports on a target?
!!nmap!!
-
What service do we identify on port 23/tcp during our scans?
!!telnet!!
-
What username is able to log into the target over telnet with a blank password?
!!root!!
-
Submit root flag
0H 16M 23S
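The volume of data that businesses generate today is staggering.
However, without an effective strategy, most of that information goes underused and the data ends up siloed.
This is where the data lake comes in: a powerful, flexible, modern data-management solution that can turn raw information into a valuable asset.
If your organization is looking for better ways to process and analyze data, this guide is for you. We will explain what a data lake is, how it works, and why businesses across industries are adopting it.
Introduction to data lakes
Let's start with some basic background on data lakes.
What is a data lake?
A data lake is a centralized repository designed to store large volumes of structured, semi-structured, and unstructured data. Unlike traditional systems such as data warehouses, a data lake does not require a predefined schema before data is stored.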
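I. A Full Picture of Current Hiring Demand in the Cybersecurity Industry
1.1 Overall Talent Supply-and-Demand Trends and Job Distribution
According to the "2024 China Cybersecurity Talent Development White Paper" (jointly published by QiAnXin and Sangfor) and CNCERT's 2023–2024 annual report data, China's cybersecurity talent gap continues to widen and is expected to exceed 3 million in 2025, while the current workforce totals about 980,000, a severe supply-demand imbalance. Policy drivers are intensifying this gap further.
I. Trends in Job Numbers (2023–2024)
Crawling and cleaning data from five major platforms, Liepin, Maimai, BOSS Zhipin, Lagou, and Zhaopin (time span: January 2023 to June 2024), yielded 127,643 valid cybersecurity-related job postings, of which: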
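I. Silver Fox Trojan: Basic Concepts and Evolution
1.1 Definition and History of the Silver Fox Trojan
Silver Fox is an advanced persistent threat (APT) trojan family that has long been active in cyberattacks. It dates back to mid-to-late 2020, and its initial versions were distributed mainly through phishing emails and counterfeit legitimate software. The trojan is known for its high stealth, multi-stage loading capability, and strong resistance to antivirus software, and it poses a serious threat worldwide to critical infrastructure such as finance, healthcare, and government.
✅ Initial stage (2020–2021): DLL hijacking + simple registry persistence
-
Typical characteristics:
-
Uses traditional DLL hijacking (for example, a forged DLL file under C:\Windows\System32\) to inject into and run inside explorer.exe or svchost.exe.
-
Persistence relies on modifying a registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
"SilverFox" = "C:\Users\Public\Documents\malicious.dll"
-
The payload is statically compiled with no encryption or obfuscation, so signature engines identify it easily (for example, a VirusTotal detection rate as high as 87%).
-
Representative sample: Silver Fox V1 (early 2021); CERT-CN recorded an incident in which it spread through the finance department of a central state-owned enterprise, leading to data leakage from the internal OA system.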
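The Run-key persistence described above leaves an artifact that is easy to triage: an autorun value that names a DLL, or that points into a directory any user can write to. The following is an added example, not code from the original article, that scans `reg query` output for such values; the function name, the heuristics and every sample entry except the SilverFox value are assumptions made for illustration.

```python
import re

# Constructed `reg query` output. Only the SilverFox value is taken from the
# text above; the other two entries are made up for contrast.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    SilverFox    REG_SZ    C:\Users\Public\Documents\malicious.dll
    Updater    REG_EXPAND_SZ    rundll32.exe "%PUBLIC%\Libraries\upd.dll",Start
"""

# `reg query` prints: 4 spaces, value name, 4 spaces, type, 4 spaces, data.
VALUE_RE = re.compile(r"^ {4}(.+?) {4}(REG_(?:EXPAND_)?SZ) {4}(.*)$")
# Heuristics (assumptions of this example, tune them for your environment):
DLL_RE = re.compile(r'(?i)\.dll(?=$|[\s",])')  # autorun data names a DLL
WRITABLE_RE = re.compile(r"(?i)\\users\\public\\|%public%|\\temp\\|%temp%")

def suspicious_run_values(reg_query_text):
    """Return (key, name, data, reasons) for Run values worth triaging."""
    hits, key = [], None
    for line in reg_query_text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()  # key header; value rows follow it
            continue
        m = VALUE_RE.match(line)
        if not m or not key or not key.lower().endswith("\\currentversion\\run"):
            continue
        name, _type, data = m.groups()
        reasons = []
        if DLL_RE.search(data):
            reasons.append("dll-target")
        if WRITABLE_RE.search(data):
            reasons.append("user-writable-path")
        if reasons:
            hits.append((key, name, data, reasons))
    return hits

if __name__ == "__main__":
    for key, name, data, reasons in suspicious_run_values(SAMPLE):
        print(f"{key} :: {name} -> {data} [{', '.join(reasons)}]")
```

Feed it the saved output of `reg query` for each user hive; a hit is a lead for review, not proof of compromise.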
