Vulnhub - Trollcave 1.2

IppSec · Beginner ·🔐 Cybersecurity ·8y ago

Skills: Network Security80%

The CSRF Video I refer to is here: https://www.youtube.com/watch?v=d2nVDoVr0jE at 42m 01:20 - Start of Recon, nmap + dump web users 03:35 - Writing Python Program to dump uers. 12:00 - Dumping Users/Group done. Now to dump PW Hints 24:00 - Python coding done. 24:57 - Examining the PW Reset Functionality, reset King (Unintended) 29:40 - Start of examining File Upload 33:37 - Finding local user + Exploiting File Upload 35:45 - Unintended Privilege Kernel Escalation (CVE-2017-16995) ----- Box Done, Rest is extra content ----- 41:45 - Stealing CoolDude89's Cookie to gain Moderator Access 01:01:00 - Playing with moderator function to promote user to Admin 01:09:50 - Using Admin Permission to unmod admin and gain access to PM's 01:14:50 - Poking around the box looking for intended PrivEsc 01:22:50 - Exploiting Calc NodeJS App on Port 88 01:36:45 - Final Exploits of Calc App Troll Cave VM Download: https://www.vulnhub.com/entry/trollcave-12,230/

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 36 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: Network Security

View skill →

GNS3 Labs: DMVPN, IPsec and NAT across BGP Internet routers: Answers Part 7

GNS3 Labs: DMVPN, IPsec and NAT across BGP Internet routers: Answers Part 7

Building a High-throughput VPN

Configuring Network Connectivity Center as a Transit Hub

VPC Flow Logs - Analyzing Network Traffic

HackTheBox - Intentions

HackTheBox - Intentions

Google Cloud Packet Mirroring with OpenSource IDS

Related AI Lessons

Inside Consumer DVRs — Hardware, Firmware & Network Security Evaluation

Learn about the hardware, firmware, and network security of consumer DVRs through a reverse engineering analysis of the Hikvision DS-7204HUHI-K

Medium · Cybersecurity

Cómo construimos un SOC con honeypot e IA local

Learn how to build a Security Operations Center (SOC) using honeypot and local AI to detect and prevent cyber threats

Dev.to · Yoandy Ramirez Delgado

Credentials in web applications: how to store them properly

Learn how to store credentials properly in web applications to prevent breaches

Dev.to · Ian Johnson

XSS Nedir ve Neden Hâlâ Tehlikeli? | Bir Siber Güvenlik Öğrencisinin Notları

Learn about XSS attacks and their ongoing threat to web security

Medium · Cybersecurity

Chapters (14)

1:20 Start of Recon, nmap + dump web users

3:35 Writing Python Program to dump uers.

12:00 Dumping Users/Group done. Now to dump PW Hints

24:00 Python coding done.

24:57 Examining the PW Reset Functionality, reset King (Unintended)

29:40 Start of examining File Upload

33:37 Finding local user + Exploiting File Upload

35:45 Unintended Privilege Kernel Escalation (CVE-2017-16995)

41:45 Stealing CoolDude89's Cookie to gain Moderator Access

1:01:00 Playing with moderator function to promote user to Admin

1:09:50 Using Admin Permission to unmod admin and gain access to PM's

1:14:50 Poking around the box looking for intended PrivEsc

1:22:50 Exploiting Calc NodeJS App on Port 88

1:36:45 Final Exploits of Calc App

Wireshark Tutorial For Beginners | How Wireshark Works | Packet Analysis Explained | Simplilearn