HackTheBox - Minion

IppSec · Beginner ·🔐 Cybersecurity ·8y ago

Skills: Network Security90%Ethical Hacking & Pen Testing80%

Every time I saw CSRF, I means SSRF. 00:40 - Begin of Recon 04:00 - Start of GoBuster 05:40 - Finding a SSRF 09:00 - Passing arguments to cmd.aspx via SSRF 12:05 - Firewall Enumeration 16:35 - Begin of setting up ICMP Reverse Shell 22:25 - Begin of sending ICMP Rev Shell to Server (Warning: Lots of Fail) 46:31 - Return of ICMP Rev Shell 52:20 - PrivEsc form IIS to Decoder 01:11:15 - Unzipping via Powershell 01:14:05 - Finding Administrator password hidden in NTFS File Stream 01:16:30 - Using Net Use to mount C: As Administrator 01:19:30 - Using IDA to analyze root.exe and grab the flag (Misses last character of hash) 01:24:15 - Using Invoke Command to execute root.exe as admin (Lots of Fail) 01:32:52 - Opening up the Firewall then just using RDP to gain access

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 32 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: Network Security

View skill →

GNS3 Labs: DMVPN, IPsec and NAT across BGP Internet routers: Answers Part 7

GNS3 Labs: DMVPN, IPsec and NAT across BGP Internet routers: Answers Part 7

Building a High-throughput VPN

Configuring Network Connectivity Center as a Transit Hub

VPC Flow Logs - Analyzing Network Traffic

HackTheBox - Intentions

HackTheBox - Intentions

Google Cloud Packet Mirroring with OpenSource IDS

Related AI Lessons

Inside Consumer DVRs — Hardware, Firmware & Network Security Evaluation

Learn about the hardware, firmware, and network security of consumer DVRs through a reverse engineering analysis of the Hikvision DS-7204HUHI-K

Medium · Cybersecurity

Cómo construimos un SOC con honeypot e IA local

Learn how to build a Security Operations Center (SOC) using honeypot and local AI to detect and prevent cyber threats

Dev.to · Yoandy Ramirez Delgado

Credentials in web applications: how to store them properly

Learn how to store credentials properly in web applications to prevent breaches

Dev.to · Ian Johnson

XSS Nedir ve Neden Hâlâ Tehlikeli? | Bir Siber Güvenlik Öğrencisinin Notları

Learn about XSS attacks and their ongoing threat to web security

Medium · Cybersecurity

Chapters (15)

0:40 Begin of Recon

4:00 Start of GoBuster

5:40 Finding a SSRF

9:00 Passing arguments to cmd.aspx via SSRF

12:05 Firewall Enumeration

16:35 Begin of setting up ICMP Reverse Shell

22:25 Begin of sending ICMP Rev Shell to Server (Warning: Lots of Fail)

46:31 Return of ICMP Rev Shell

52:20 PrivEsc form IIS to Decoder

1:11:15 Unzipping via Powershell

1:14:05 Finding Administrator password hidden in NTFS File Stream

1:16:30 Using Net Use to mount C: As Administrator

1:19:30 Using IDA to analyze root.exe and grab the flag (Misses last character of hash

1:24:15 Using Invoke Command to execute root.exe as admin (Lots of Fail)

1:32:52 Opening up the Firewall then just using RDP to gain access

Wireshark Tutorial For Beginners | How Wireshark Works | Packet Analysis Explained | Simplilearn