HackTheBox - Cap

Name: HackTheBox - Cap
Uploaded: 2021-10-02T14:00:07Z
Channel: IppSec
Description: 00:00 - Intro 00:50 - Start of nmap and doing some recon against FTP 02:40 - Having trouble finding a release date, using WGET and examining metadata to...

IppSec · Beginner ·📰 AI News & Updates ·4y ago

00:00 - Intro 00:50 - Start of nmap and doing some recon against FTP 02:40 - Having trouble finding a release date, using WGET and examining metadata to see how old a page is 04:45 - Examining the web applicaiton 08:50 - Testing and finding the IDOR Vulnerability 10:00 - Examining the PCAP Downloaded through the IDOR Vulnerability to find FTP Creds 12:12 - SSHing into the box with the credentials from FTP 13:15 - Running LINPEAS, examining the source code of the webapp while it runs 16:45 - Going over the LINPEAS output finding python has the ability to setuid 21:40 - Using the os libary to se…

Watch on YouTube ↗ (saves to browser)

Chapters (12)

Intro

0:50 Start of nmap and doing some recon against FTP

2:40 Having trouble finding a release date, using WGET and examining metadata to se

4:45 Examining the web applicaiton

8:50 Testing and finding the IDOR Vulnerability

10:00 Examining the PCAP Downloaded through the IDOR Vulnerability to find FTP Creds

12:12 SSHing into the box with the credentials from FTP

13:15 Running LINPEAS, examining the source code of the webapp while it runs

16:45 Going over the LINPEAS output finding python has the ability to setuid

21:40 Using the os libary to setuid to root

23:30 Showing off zeek which would help analyze larger pcaps

24:10 Changing the Zeek FTP Configuration to show passwords.

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →

HackTheBox - Cap

Chapters (12)

Playlist

Lesson complete!