HackTheBox - Arctic

IppSec · Beginner ·🔐 Cybersecurity ·8y ago

Skills: Ethical Hacking & Pen Testing90%Network Security70%

00:00 - Intro 00:12 - Enumerate with nmap 00:40 - Going to the webpage 01:50 - Using SearchSploit to find ColdFusion Exploits 02:40 - Attempt to exploit through MSF. Debug why it failed. 03:50 - Setting up a Burp Redirect listener 04:55 - Examining request send by MSF Exploit 06:35 - Getting a reverse shell 07:50 - Using Unicorn to create a Powershell Meterpreter Loa der 11:35 - Reverseshell returned 12:10 - Using the MSF post module local_exploit_suggestor 15:29 - Privesc via MS10-092

What You'll Learn

Exploits Arctic using nmap, SearchSploit, and Burp to gain reverse shell and create a Powershell Meterpreter loader

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 3 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: Ethical Hacking & Pen Testing

View skill →

HackTheBox - Photobomb

HackTheBox - Photobomb

VulnHub - Sokar

VulnHub - Sokar

HackTheBox - Multimaster

HackTheBox - Multimaster

Hacking a Smart Camera: IoT Hacking With Andrew Bellini (Part 3)

Hacking a Smart Camera: IoT Hacking With Andrew Bellini (Part 3)

The Cyber Mentor

Ethical Password Cracking

Ethical Password Cracking

Exploitation and Penetration Testing with Metasploit

Exploitation and Penetration Testing with Metasploit

Related AI Lessons

Ethical Hacking Step-by-Step (Part 3)

Learn ethical hacking by understanding network security fundamentals, including packets, firewalls, and traffic analysis using Wireshark.

Medium · Cybersecurity

DORA Compliance in 2026: What European Businesses Actually Need to Know

European businesses using cloud infrastructure must understand DORA compliance in 2026 to avoid regulatory risks

Medium · Cybersecurity

Apple says it is shipping security updates early as AI speeds up hacking

Apple now ships security updates early due to AI speeding up hacking, learn how to prioritize security in your development cycle

The Next Web AI

Building a Home SOC Lab from Scratch (Part 1): The Setup

Learn to build a home SOC lab from scratch using Splunk, Sysmon, and VMs to improve detection skills

Medium · Cybersecurity

Chapters (12)

Intro

0:12 Enumerate with nmap

0:40 Going to the webpage

1:50 Using SearchSploit to find ColdFusion Exploits

2:40 Attempt to exploit through MSF. Debug why it failed.

3:50 Setting up a Burp Redirect listener

4:55 Examining request send by MSF Exploit

6:35 Getting a reverse shell

7:50 Using Unicorn to create a Powershell Meterpreter Loa

11:35 Reverseshell returned

12:10 Using the MSF post module local_exploit_suggestor

15:29 Privesc via MS10-092

You Think Your Card Declined by Mistake? It Might Be a 2026 Scam

Tolulope Michael