HackTheBox - Blocky

IppSec · Intermediate ·🛡️ AI Safety & Ethics ·8y ago

Skills: Security Basics90%AI Security60%

The STTY command I messed up was simply `stty rows ## cols ##` 01:15 - Begin Recon with Reconnoitre 03:15 - Examining findings from Reconnoitre 06:50 - Decompiling java Jar Files with JAD 08:18 - Using JD-GUI 10:33 - Running WPScan 12:10 - Manually enumerating wordpress users 12:43 - SSH To the box and PrivEsc ------ Box Completed, Below extra content (Some mistakes, pretty much do this live without prep) 15:30 - Rabbit hole, gaining access through FTP 17:09 - Finding Wordpress DB Password 18:33 - Switching to WWW-DATA by using phpMyAdmin + Wordpress 20:10 - Generating a PHP Password for Wordpress 21:50 - Gaining code execution with Wordpress Admin access 25:40 - Shell as www-data 26:40 - Enumerating Kernel Exploits with Linux-Exploit-Suggester 30:10 - Attempting CVE-2017-6074 Dccp Kernel Exploit (Unstable AF)

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 19 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: Security Basics

View skill →

HackTheBox - Analytics

HackTheBox - Analytics

AWS Security Agent (Preview) Overview - Frontier Agent for Proactive AppSec | Amazon Web Services

AWS Security Agent (Preview) Overview - Frontier Agent for Proactive AppSec | Amazon Web Services

Amazon Web Services

HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128

HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128

Secure Hash Algorithms Using Python- SHA256,SHA384,SHA224,SHA512,SHA1- Hashing In BlockChain

Secure Hash Algorithms Using Python- SHA256,SHA384,SHA224,SHA512,SHA1- Hashing In BlockChain

Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23

Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23

Configure and Deploy AWS Client VPN

Configure and Deploy AWS Client VPN

Related AI Lessons

Shadow AI: The Invisible Risk Already Inside Your Organization

Discover the risks of unauthorized AI usage within your organization and learn how to mitigate them

Medium · Machine Learning

“AI is an Apparatus” – A Warning from the Gods

Understand how restrictions can protect human autonomy in the face of AI advancements

How to Protect PII/PHI in AI Systems

Learn to protect PII/PHI in AI systems and ensure compliance with regulations to avoid data breaches and maintain trust

OpenAI Faces Class-Action Privacy Lawsuit Over Alleged Data Sharing Practices

OpenAI faces a class-action lawsuit over alleged data sharing practices, highlighting AI privacy concerns

Medium · ChatGPT

Chapters (15)

1:15 Begin Recon with Reconnoitre

3:15 Examining findings from Reconnoitre

6:50 Decompiling java Jar Files with JAD

8:18 Using JD-GUI

10:33 Running WPScan

12:10 Manually enumerating wordpress users

12:43 SSH To the box and PrivEsc

15:30 Rabbit hole, gaining access through FTP

17:09 Finding Wordpress DB Password

18:33 Switching to WWW-DATA by using phpMyAdmin + Wordpress

20:10 Generating a PHP Password for Wordpress

21:50 Gaining code execution with Wordpress Admin access

25:40 Shell as www-data

26:40 Enumerating Kernel Exploits with Linux-Exploit-Suggester

30:10 Attempting CVE-2017-6074 Dccp Kernel Exploit (Unstable AF)

Could Humans Evolve Flight?

Kurzgesagt – In a Nutshell