Myvideo

Guest

Login

HackTheBox - Postman

Uploaded By: Myvideo
31 view
0
0 votes
0

01:00 - Begin of nnmap scan 01:45 - Checking out the website, trying to identify what technology runs the site 03:20 - Nmap scan finished, start more recon (GoBuster and full nmap port scan) 07:00 - Trying to find out when the website was stood up with exiftool 09:00 - Full nmap showed the REDIS port, initial poking 10:55 - Searching the internet for things you can do with a REDIS Server 14:50 - Dropping a webshell didn't work, lets try dropping an SSH Key 16:30 - Discovering the location of a .ssh directory by guessing the default (/var/lib/redis/.ssh) 19:30 - Got a shell on the box! 22:00 - Running LinPEAS 29:45 - Running LinEnum twice (once with throrough mode enabled). To make sure we have good recon. 33:10 - Discovering Matt logged in at a time we did not previously have 36:07 - Discovering an encrypted SSH key, cracking the SSH Key with John 40:00 - SSH failing to work, decide to just use “su“ to switch to the Matt User 42:00 - Discovering we

Share with your friends

Link:

Embed:

Video Size:

Custom size:

x

Add to Playlist:

Favorites
My Playlist
Watch Later