TryHackMe-GameZone
699 بار بازدید -
3 سال پیش
-
00:00-intro
00:00-intro
00:41-Start of Nmap Scan to discover open ports
01:32-Looking at the Web-Server running on port 80
03:13-Trying to look for Sql-Injection bu adding a single quotation
04:00-Trying to Explain Sql-injection
08:05-Bypassing login page by sql injection basic payload
09:15-Trying Sql-Injection again on the search Functionality
10:20-intercepting the request in BurpSuite to send it to SqlMap
11:36-Running SqlMap ton the request and successfully exploiting the target
13:05-List all databases using SqlMap
13:55-Looking at the tables information using SqlMap
14:35-Extracting columns using SqlMap
15:14-Dumping the contents of the table using SqlMap
17:25-Trying to crack the password hash using online and offline tools
20:10-Using JohnTheRipper to crack the password hash
24:18-Logging in with the username and password to system using ssh
25:00-Start of Privilege Escalation
28:00-Downloading and running Linpeas for enumeration
32:45-Found One Strange Port 10000 which was running internally
34:55-Port Forwarding using ssh
37:00-Looking at the webmin page and trying to access it using credentials we found
38:08-Webmin 1.580 is running so exploiting it using metasploit and getting root
43:24-Answering the Questions of TryHackme and Completing the box
00:41-Start of Nmap Scan to discover open ports
01:32-Looking at the Web-Server running on port 80
03:13-Trying to look for Sql-Injection bu adding a single quotation
04:00-Trying to Explain Sql-injection
08:05-Bypassing login page by sql injection basic payload
09:15-Trying Sql-Injection again on the search Functionality
10:20-intercepting the request in BurpSuite to send it to SqlMap
11:36-Running SqlMap ton the request and successfully exploiting the target
13:05-List all databases using SqlMap
13:55-Looking at the tables information using SqlMap
14:35-Extracting columns using SqlMap
15:14-Dumping the contents of the table using SqlMap
17:25-Trying to crack the password hash using online and offline tools
20:10-Using JohnTheRipper to crack the password hash
24:18-Logging in with the username and password to system using ssh
25:00-Start of Privilege Escalation
28:00-Downloading and running Linpeas for enumeration
32:45-Found One Strange Port 10000 which was running internally
34:55-Port Forwarding using ssh
37:00-Looking at the webmin page and trying to access it using credentials we found
38:08-Webmin 1.580 is running so exploiting it using metasploit and getting root
43:24-Answering the Questions of TryHackme and Completing the box
3 سال پیش
در تاریخ 1400/11/11 منتشر شده
است.
699
بـار بازدید شده