Loading...

HackTheBox - Oz

13,552 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Jan 12, 2019

00:50 - Start of the box
05:30 - Attempting GoBuster but wildcard response gives issue
07:40 - Start of doing wfuzz to find content
10:38 - Manually testing SQLInjection
13:07 - Running SQLMap and telling it exactly where the injection is
16:04 - Manually extracting files with the SQL Injection
19:50 - Cracking the hash with hashcat
25:00 - Start of examining the custom webapp, playing with Template Injection
27:00 - Explaining a way to enumerate language behind a webapp
35:17 - Reverse Shell returned on first Docker Container
38:00 - Examining SQL Database
39:40 - Doing the Port Knock to open up SSH
43:50 - Gain a foothold on the host of the docker container via ssh
46:00 - Identifying containers running
50:10 - Creating SSH Port Forwards without exiting SSH Session then NMAP through
SSH
55:11 - Begin looking into Portainer, finding a weak API Endpoint
59:00 - Start of creating a container in portainer that can access the root file
system
01:08:25 - Changing sudoers so dorthy can privesc to root
01:09:50 - Lets go back and create a python script to play with SQL Injection

Loading...

to add this to Watch Later

Add to

Loading playlists...