HackTheBox - Surveillance

Name: HackTheBox - Surveillance
Uploaded: 2024-04-20T15:00:20Z
Channel: IppSec
Description: 00:00 - Introduction 01:00 - Start of nmap 02:45 - Discovering an exploit for Craft CMS, it doesn't work out of the box because of a typo on exploit-db ...

IppSec · Beginner ·🔍 RAG & Vector Search ·1y ago

00:00 - Introduction 01:00 - Start of nmap 02:45 - Discovering an exploit for Craft CMS, it doesn't work out of the box because of a typo on exploit-db looking into this exploit 06:00 - Walking through the Exploit Script 11:45 - Getting a shell on the box with the script that was on Github 14:45 - Logging into the CraftCMS Database, finding the password 17:30 - There is a backup of the database in the storage directory, which contains an old password for Matthew 22:45 - Linpeas shows us configurations for ZoneMinder, which lets us into another table of the database 25:20 - Setting a port forw…

Watch on YouTube ↗ (saves to browser)

Chapters (14)

Introduction

1:00 Start of nmap

2:45 Discovering an exploit for Craft CMS, it doesn't work out of the box because o

6:00 Walking through the Exploit Script

11:45 Getting a shell on the box with the script that was on Github

14:45 Logging into the CraftCMS Database, finding the password

17:30 There is a backup of the database in the storage directory, which contains an

22:45 Linpeas shows us configurations for ZoneMinder, which lets us into another tab

25:20 Setting a port forward so we can access ZoneMinder, then updating the password

29:20 Showing an unauthenticated exploit in ZoneMinder

31:40 The ZoneMinder user can run zoneminder scripts with sudo

33:30 Finding a command injection in ZMUPDATE, getting shell as root

42:20 Showing ZoneMinder lets you set the LD_PRELOAD which is another way to get roo

55:50 Showing the intended way to exploit ZoneMinder to get a shell as the ZM User,

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →