VulnHub - Sokar

IppSec · Beginner ·🔐 Cybersecurity ·8y ago

Skills: Ethical Hacking & Pen Testing90%

01:08 - Start of Recon (NetDiscover/Masscan/Nmap) 05:37 - Finding the CGI Script and using Shellshock 10:00 - Start creating ShellShock python script 16:08 - Converting script "Forward Shell" for FW Evasion with mkfifo 40:00 - Adding Threading (Background Task) to improve script 45:00 - Script completed - Attempt to enumerate FW Rules 49:00 - Fumbling around with IPv6 (Check out Sneaky Video for more) 53:25 - Reverse shell via IPv6 and ncat 01:05:00 - Reading Bynarr's mail to get password and PrivEsc via LIME/Memory Dum p 1:07:20 - Unintended PrivEsc via ShellShock + Environment Variables 1:18:20 - Begin of MITM (Man in the Middle) First with Ettercap 1:24:19 - Installing Bettercap2 + Usage 1:33:40 - Spoofing ARP and DNS with BetterCap 1:41:11 - Privesc to root via Git on case-insensitive FS 1:53:30 - Woot root, lets take a look at the IPTable FW 1:56:00 - Explaining the exploit a bit better

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 33 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: Ethical Hacking & Pen Testing

View skill →

HackTheBox - Photobomb

HackTheBox - Photobomb

HackTheBox - Multimaster

HackTheBox - Multimaster

Hacking a Smart Camera: IoT Hacking With Andrew Bellini (Part 3)

Hacking a Smart Camera: IoT Hacking With Andrew Bellini (Part 3)

The Cyber Mentor

Ethical Password Cracking

Ethical Password Cracking

Exploitation and Penetration Testing with Metasploit

Exploitation and Penetration Testing with Metasploit

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

Related AI Lessons

Inside Consumer DVRs — Hardware, Firmware & Network Security Evaluation

Learn about the hardware, firmware, and network security of consumer DVRs through a reverse engineering analysis of the Hikvision DS-7204HUHI-K

Medium · Cybersecurity

Cómo construimos un SOC con honeypot e IA local

Learn how to build a Security Operations Center (SOC) using honeypot and local AI to detect and prevent cyber threats

Dev.to · Yoandy Ramirez Delgado

Credentials in web applications: how to store them properly

Learn how to store credentials properly in web applications to prevent breaches

Dev.to · Ian Johnson

XSS Nedir ve Neden Hâlâ Tehlikeli? | Bir Siber Güvenlik Öğrencisinin Notları

Learn about XSS attacks and their ongoing threat to web security

Medium · Cybersecurity

Chapters (16)

1:08 Start of Recon (NetDiscover/Masscan/Nmap)

5:37 Finding the CGI Script and using Shellshock

10:00 Start creating ShellShock python script

16:08 Converting script "Forward Shell" for FW Evasion with mkfifo

40:00 Adding Threading (Background Task) to improve script

45:00 Script completed - Attempt to enumerate FW Rules

49:00 Fumbling around with IPv6 (Check out Sneaky Video for more)

53:25 Reverse shell via IPv6 and ncat

1:05:00 Reading Bynarr's mail to get password and PrivEsc via LIME/Memory Dum

1:07:20 Unintended PrivEsc via ShellShock + Environment Variables

1:18:20 Begin of MITM (Man in the Middle) First with Ettercap

1:24:19 Installing Bettercap2 + Usage

1:33:40 Spoofing ARP and DNS with BetterCap

1:41:11 Privesc to root via Git on case-insensitive FS

1:53:30 Woot root, lets take a look at the IPTable FW

1:56:00 Explaining the exploit a bit better

Wireshark Tutorial For Beginners | How Wireshark Works | Packet Analysis Explained | Simplilearn