Windmill

1. Information Gathering

1.1. Port Scanning

┌──(root㉿kali)-[~]
└─# curl http://www.windmill.cs1ab.com:8080/ -v
* Host www.windmill.cs1ab.com:8080 was resolved.
* IPv6: (none)
* IPv4: 172.25.66.15 # entry-point IP obtained: 172.25.66.15
*   Trying 172.25.66.15:8080...
* Connected to www.windmill.cs1ab.com (172.25.66.15) port 8080
* using HTTP/1.x
> GET / HTTP/1.1
> Host: www.windmill.cs1ab.com:8080
> User-Agent: curl/8.12.1
> Accept: */*
> 
* Request completely sent off
< HTTP/1.1 200 
< Content-Type: text/plain;charset=UTF-8
< Content-Length: 22
< Date: Sat, 31 May 2025 03:31:11 GMT
< 
* Connection #0 to host www.windmill.cs1ab.com left intact
Welcome CyberStrikeLab                                                                                               
┌──(root㉿kali)-[~]
└─# nmap 172.25.66.15
Starting Nmap 7.95 ( https://nmap.org ) at 2025-05-31 07:31 EDT
Nmap scan report for 172.25.66.15
Host is up (0.0044s latency).
Not shown: 994 filtered tcp ports (no-response)
PORT     STATE SERVICE
53/tcp   open  domain
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
5985/tcp open  wsman
8080/tcp open  http-proxy

Nmap done: 1 IP address (1 host up) scanned in 9.91 seconds

1.2. Directory Scanning

┌──(root㉿kali)-[~/Desktop/cyberstrikelab/windmill]
└─# dirsearch -u  http://www.windmill.cs1ab.com:8080/
/usr/lib/python3/dist-packages/dirsearch/dirsearch.py:23: DeprecationWarning: pkg_resources is deprecated as an API. See https://setuptools.pypa.io/en/latest/pkg_resources.html
  from pkg_resources import DistributionNotFound, VersionConflict

  _|. _ _  _  _  _ _|_    v0.4.3
 (_||| _) (/_(_|| (_| )

Extensions: php, aspx, jsp, html, js | HTTP method: GET | Threads: 25 | Wordlist size: 11460

Output File: /root/Desktop/cyberstrikelab/windmill/reports/http_www.windmill.cs1ab.com_8080/__25-05-31_02-36-19.txt

Target: http://www.windmill.cs1ab.com:8080/

[02:36:19] Starting: 
[02:36:27] 400 -  435B  - /\..\..\..\..\..\..\..\..\..\etc\passwd
[02:36:28] 400 -  435B  - /a%5c.aspx
[02:36:45] 500 -   73B  - /error
[02:36:45] 500 -   73B  - /error/

Task Completed

At a glance, this is Spring Boot.

A SpringBoot-Scan run returned nothing but 404s: no unauthorized access, and the home page has nothing on it either.