HackTheBox - Fighter Walkthrough (Re-Up)
In this video, we cover how to exploit HackTheBox's Fighter.
Original Video Date:10/07/2018
Timestamps:
0:06 - Introduction
0:48 - Nmap scan review
1:10 - Exploring port 80
2:25 - Modifying /etc/hosts
5:35 - Enumerating sub-domains
10:45 - Using Dirb to find hidden directories and pages
13:30 - Intercepting login requests with Burp
15:35 - Using sqlmap to test for SQL injection
19:50 - Building a custom SQL injection & Gaining a shell
23:55 - Enumeration as the low-priv user
26:55 - Bypassing application whitelisting using msbuild
30:05 - Using certutil for file transfers & Gaining a Meterpreter shell
34:25 - Using the capcom.sys exploit to elevate privileges
41:30 - Discovering root.exe and reverse engineering the process
❓Info❓
___________________________________________
Hire me: ...
Продолжительность: | 00:47:27 |
Просмотров на youtube: | 1457 |
Youtube: https://www.youtube.com/watch?v=Rplw1YD79pw
Комментарии