HackTheBox - Irked

Name: HackTheBox - Irked
Uploaded: 2019-04-27T18:08:32Z
Channel: IppSec
Description: Last video was missing about 2 minutes and cut off at 31:35. Sorry, was an extremely busy week and didn't get to verify everything was good. 00:39 - Be...

IppSec · Beginner ·🔐 Cybersecurity ·6y ago

Last video was missing about 2 minutes and cut off at 31:35. Sorry, was an extremely busy week and didn't get to verify everything was good. 00:39 - Begin on Recon 01:39 - Starting a full nmap scan 04:15 - Discovery of IRC 04:35 - Manually looking at IRC 06:00 - Looking at the IRC to understand how to connect to an IRC Server 07:00 - Pulling the IRC Version and discovering the exploit 08:50 - Going into the history of the IRC Backdoor 09:45 - Manually exploiting the IRC Server 13:10 - Shell returned on the server 14:30 - Discovery of .backup which gives a steg password 16:45 - Logging in wi…

Watch on YouTube ↗ (saves to browser)

Chapters (16)

0:39 Begin on Recon

1:39 Starting a full nmap scan

4:15 Discovery of IRC

4:35 Manually looking at IRC

6:00 Looking at the IRC to understand how to connect to an IRC Server

7:00 Pulling the IRC Version and discovering the exploit

8:50 Going into the history of the IRC Backdoor

9:45 Manually exploiting the IRC Server

13:10 Shell returned on the server

14:30 Discovery of .backup which gives a steg password

16:45 Logging in with djmardov

21:20 Discovery of SetUID enabled custom binary, viewuser

23:25 Using ltrace to see what the binary does, executes the file /tmp/listusers

23:50 Getting a root shell

25:50 Testing exploiting the binary with "who", fails due to no setuid

27:50 Looking at the binary within Ghidra

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →