Myvideo

Guest

Login

HackTheBox - Manager

Uploaded By: Myvideo
2 views
0
0 votes
0

00:00 - Introduction 01:00 - Start of Nmap 03:20 - Checking out the website, deciding there isn't much of interest here 05:10 - Running Kerbrute with a userlist to identify valid users 05:50 - Showing what Kerbrute is doing with NetExec 09:00 - A better way to enumerate valid users, RID Bruteforce, showing it with NetExec 10:50 - Using RPCClient to show how RID Bruteforce works 14:00 - Using NetExec to bruteforce users with the password of their username 17:55 - Showing off the NetExec Database 19:30 - Switching over to testing accounts for MSSQL Access with NetExec 21:20 - Using Impacket's MSSQLClient to access the MSSQL Server and running XP_DIRTREE to find a backup on the webserver 23:20 - Finding a credential for Raven in the backup file 26:50 - Using Certipy to find out the server is exploitable to ADCS ESC7, then exploiting it

Share with your friends

Link:

Embed:

Video Size:

Custom size:

x

Add to Playlist:

Favorites
My Playlist
Watch Later