HackTheBox - TheFrizz

Name: HackTheBox - TheFrizz
Uploaded: 2025-08-23T15:00:03Z
Channel: IppSec
Description: 00:00 - Introduction 00:32 - Start of nmap 03:20 - Discovering Gibbon LMS is running and enumerating the version 04:45 - Using CVEDetails to look at CVE...

IppSec · Beginner ·📊 Data Analytics & Business Intelligence ·7mo ago

00:00 - Introduction 00:32 - Start of nmap 03:20 - Discovering Gibbon LMS is running and enumerating the version 04:45 - Using CVEDetails to look at CVE's for Gibbon, then discovering an unauth file upload 07:00 - Getting a shell by uploading a malicious PHP Script 11:30 - Using the MySQL binary to dump the database to get the password hash 15:55 - The password is salted, searching Gibbon Source Code for how the salt is used so we know which hashcat ruleset to use 19:55 - Running RustHound, doesn't really tell us too much 23:00 - Using SSH with Kerberos to login to the box, showing the hostfil…

Watch on YouTube ↗ (saves to browser)

Chapters (12)

Introduction

0:32 Start of nmap

3:20 Discovering Gibbon LMS is running and enumerating the version

4:45 Using CVEDetails to look at CVE's for Gibbon, then discovering an unauth file

7:00 Getting a shell by uploading a malicious PHP Script

11:30 Using the MySQL binary to dump the database to get the password hash

15:55 The password is salted, searching Gibbon Source Code for how the salt is used

19:55 Running RustHound, doesn't really tell us too much

23:00 Using SSH with Kerberos to login to the box, showing the hostfile needs to hav

26:30 Going into the recycle bin, discovering a deleted file and then copying it to

34:00 Using our bloodhound data to build a userlist then spray the password

36:56 Logging in with m.schoolbus then running SharpGPOAbuse to get the domain contr

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →