HackTheBox - Jeeves

Name: HackTheBox - Jeeves
Uploaded: 2018-05-19T15:00:03Z
Channel: IppSec
Description: 01:19 - Begin of Enumeration 04:15 - Avoiding the Rabbit Hole on port 80 (IIS) 06:00 - Begin of Jenkins 09:00 - Using Jenkins Script Console (Groovy) to...

IppSec · Intermediate ·🧠 Large Language Models ·7y ago

01:19 - Begin of Enumeration 04:15 - Avoiding the Rabbit Hole on port 80 (IIS) 06:00 - Begin of Jenkins 09:00 - Using Jenkins Script Console (Groovy) to gain code execution 12:00 - Reverse TCP Shell via Nishang 17:00 - Reverse Shell returned. PowerSplit dev branch to find unintended privesc (Tokens) 22:20 - Powersploit's Invoke-AllChecks completes 24:20 - Finding Keepass Database using Impack-SMBServer to transfer files 27:00 - Cracking the KeePass Database 30:20 - Using KeePass2 to open database 34:25 - PassTheHash via pth-winexe to gain administrator shell 35:20 - Grabbing root.txt that is …

Watch on YouTube ↗ (saves to browser)

Chapters (16)

1:19 Begin of Enumeration

4:15 Avoiding the Rabbit Hole on port 80 (IIS)

6:00 Begin of Jenkins

9:00 Using Jenkins Script Console (Groovy) to gain code execution

12:00 Reverse TCP Shell via Nishang

17:00 Reverse Shell returned. PowerSplit dev branch to find unintended privesc (Tok

22:20 Powersploit's Invoke-AllChecks completes

24:20 Finding Keepass Database using Impack-SMBServer to transfer files

27:00 Cracking the KeePass Database

30:20 Using KeePass2 to open database

34:25 PassTheHash via pth-winexe to gain administrator shell

35:20 Grabbing root.txt that is hidden via Alternate Data Streams (ADS)

39:00 Using RottenPotato to escalate to root via MSF

41:00 Using Unicorn to gain a reverse MSF SHell

45:20 Performing the attack

48:00 Impersonating Token to gain root

Playlist

Uploads from IppSec · IppSec · 54 of 60

← Previous Next →