HackTheBox - Manager

IppSec · Beginner ·📊 Data Analytics & Business Intelligence ·2y ago

Skills: Network Security80%

00:00 - Introduction 01:00 - Start of Nmap 03:20 - Checking out the website, deciding there isn't much of interest here 05:10 - Running Kerbrute with a userlist to identify valid users 05:50 - Showing what Kerbrute is doing with NetExec 09:00 - A better way to enumerate valid users, RID Bruteforce, showing it with NetExec 10:50 - Using RPCClient to show how RID Bruteforce works 14:00 - Using NetExec to bruteforce users with the password of their username 17:55 - Showing off the NetExec Database 19:30 - Switching over to testing accounts for MSSQL Access with NetExec 21:20 - Using Impacket's MSSQLClient to access the MSSQL Server and running XP_DIRTREE to find a backup on the webserver 23:20 - Finding a credential for Raven in the backup file 26:50 - Using Certipy to find out the server is exploitable to ADCS ESC7, then exploiting it

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: Network Security

View skill →

GNS3 Labs: DMVPN, IPsec and NAT across BGP Internet routers: Answers Part 7

GNS3 Labs: DMVPN, IPsec and NAT across BGP Internet routers: Answers Part 7

Building a High-throughput VPN

Configuring Network Connectivity Center as a Transit Hub

VPC Flow Logs - Analyzing Network Traffic

HackTheBox - Intentions

HackTheBox - Intentions

Google Cloud Packet Mirroring with OpenSource IDS

Related AI Lessons

Managing Permissions Directly via SQL in BigQuery

Manage BigQuery permissions directly via SQL to streamline LLM inference workflows

Medium · Data Science

Data’s Best Decade is Ahead. Most Companies Are Looking at it Wrong.

Learn how to leverage data correctly to drive business decisions and stay ahead in the industry

Data’s Best Decade is Ahead. Most Companies Are Looking at it Wrong.

Learn how to leverage data effectively to drive business decisions and unlock its full potential in the upcoming decade

Medium · Machine Learning

Data’s Best Decade is Ahead. Most Companies Are Looking at it Wrong.

Learn how to leverage data effectively by shifting focus from reporting to decision-making, a crucial skill for companies to thrive in the upcoming decade

Medium · Data Science

Chapters (13)

Introduction

1:00 Start of Nmap

3:20 Checking out the website, deciding there isn't much of interest here

5:10 Running Kerbrute with a userlist to identify valid users

5:50 Showing what Kerbrute is doing with NetExec

9:00 A better way to enumerate valid users, RID Bruteforce, showing it with NetExec

10:50 Using RPCClient to show how RID Bruteforce works

14:00 Using NetExec to bruteforce users with the password of their username

17:55 Showing off the NetExec Database

19:30 Switching over to testing accounts for MSSQL Access with NetExec

21:20 Using Impacket's MSSQLClient to access the MSSQL Server and running XP_DIRTREE

23:20 Finding a credential for Raven in the backup file

26:50 Using Certipy to find out the server is exploitable to ADCS ESC7, then exploit

Quantitative Risk Management Exam Practice