HackTheBox - Chatterbox

Name: HackTheBox - Chatterbox
Uploaded: 2018-06-16T15:00:03Z
Channel: IppSec
Description: 01:18 - Begin of Recon 04:55 - Start of aChat buffer Overflow: Finding the exploit script with Searchsploit 07:24 - Begin of replacing POC's Calc Shellc...

IppSec · Beginner ·🔐 Cybersecurity ·7y ago

01:18 - Begin of Recon 04:55 - Start of aChat buffer Overflow: Finding the exploit script with Searchsploit 07:24 - Begin of replacing POC's Calc Shellcode with what is generated from MSFVenom 09:42 - Correction: Payload Size wrong, should be 3,xxx -- look at "Payload Size" I accidentally highlighted the size of the python file. 14:30 - Whoops, erased too much out of POC. Lets correctly replace the shellcode this time and get a shell. 17:50 - Running PowerUp to find AutoLogon Credentials 20:05 - Running Code as Administrator 24:18 - First Privesc Method: Using Start-Process to execute command…

Watch on YouTube ↗ (saves to browser)

Chapters (14)

1:18 Begin of Recon

4:55 Start of aChat buffer Overflow: Finding the exploit script with Searchsploit

7:24 Begin of replacing POC's Calc Shellcode with what is generated from MSFVenom

9:42 Correction: Payload Size wrong, should be 3,xxx -- look at "Payload Size" I ac

14:30 Whoops, erased too much out of POC. Lets correctly replace the shellcode this

17:50 Running PowerUp to find AutoLogon Credentials

20:05 Running Code as Administrator

24:18 First Privesc Method: Using Start-Process to execute commands as a different u

27:30 Alternate way to read root.txt -- Alfred owns root.txt, so he can edit the fil

33:12 Summary of the box

34:37 Doing the box with Metasaploit, Warning: Lots of fails.

43:10 Using meterpreters PortFwd to bypass ChatterBox's firewall and access port 445

51:25 Doing the box with Empire !

58:20 Using Empire's Run_As module to execute commands as Administrator

Playlist

Uploads from IppSec · IppSec · 58 of 60

← Previous Next →