HackTheBox - Carrier

Name: HackTheBox - Carrier
Uploaded: 2019-03-16T14:00:01Z
Channel: IppSec
Description: 00:53 - Begin of Recon 03:30 - Checking out the Web Page 04:20 - Doing UDP/GoBuster Scans 08:20 - Running SNMPWalk and then logging into web interface 1...

IppSec · Intermediate ·🛡️ AI Safety & Ethics ·7y ago

00:53 - Begin of Recon 03:30 - Checking out the Web Page 04:20 - Doing UDP/GoBuster Scans 08:20 - Running SNMPWalk and then logging into web interface 10:20 - Reading the tickets on the web page 12:00 - Discovering code execution 16:00 - Reverse Shell Returned 23:15 - Discovering FTP Server 10.120.15.10 26:00 - Gaining access to a Router Interface 27:30 - Using Draw.io to draw out the network 32:40 - Examining routing information 35:45 - Looking at BGP Information 39:00 - First attempt at BGP Hijack, advertising a route 43:30 - Did not work, examining routing loop. 50:50 - Blocking the routing…

Watch on YouTube ↗ (saves to browser)

Chapters (22)

0:53 Begin of Recon

3:30 Checking out the Web Page

4:20 Doing UDP/GoBuster Scans

8:20 Running SNMPWalk and then logging into web interface

10:20 Reading the tickets on the web page

12:00 Discovering code execution

16:00 Reverse Shell Returned

23:15 Discovering FTP Server 10.120.15.10

26:00 Gaining access to a Router Interface

27:30 Using Draw.io to draw out the network

32:40 Examining routing information

35:45 Looking at BGP Information

39:00 First attempt at BGP Hijack, advertising a route

43:30 Did not work, examining routing loop.

50:50 Blocking the routing advertisement to AS300

56:50 Showing the new routing loop (AS300 sends to AS200)

1:00:00 Telling AS200 not to advertise the route to AS300

1:04:00 Grabbing FTP Traffic to get root password

1:07:00 Logging into all 3 routers for some fun

1:08:50 Hiding from TraceRoute by mucking with TTL's

1:13:20 Redoing the attack, but showing routing tables on all routers

1:17:30 Unintended route, Just adding an IP to eth2

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →