00:00 - Intro 01:00 - Start of nmap 02:45 - Taking a look at websites, making note of all login prompts (bolt, rocketchat) 07:15 - Start of looking at Jamovi, using the Rj Editor to execute code and get a reverse shell 09:10 - Using cat to send files over the network to our box and viewing the bolt-administration document 12:50 - Taking a credential from the document and logging into Bolt CMS 13:40 - Editing a theme in bolt to give us code execution 19:00 - Using script to get a full PTY since python isn't on this box 20:40 - Looking for passwords for bolt, finding a sqlite database 25:45 - Getting the ip address of the box via the hostname command since ifconfig and ip were not on the box 26:40 - Using /proc/net/tcp to get listening ports 29:20 - Using the docker container to SSH into the host computer via its docker IP 31:25 - Using ps -ef --forest to view running processes, can see inside docker containers to find mongo 34:50 - Using bash to perform a portscan bas
Hide player controls
Hide resume playing