HackTheBox - Remote
40.3 هزار بار بازدید -
4 سال پیش
-
00:00
00:00 - Intro
01:00 - Begin of nmap, enumerate ftp, and smb
05:32 - Taking a look at the website to discover umbraco
10:50 - Examining NFS with showmount
16:00 - Discovering umbraco.sdf on NFS is a database and contains the admin password
21:15 - Logging into umbraco and discovering the unauthenticated RCE
23:35 - Editing the umbraco exploit to ping our box
26:30 - Getting a reverse shell using Invoke-WebRequest instead of (New-Object Net.WebClient)
30:30 - Running WinPEAS to discover UsoSvc service is editable
37:00 - Editing the UsoSvc binpath to execute our reverse shell
40:15 - Alternate Path: Using Rogue Potato to get a shell
01:00 - Begin of nmap, enumerate ftp, and smb
05:32 - Taking a look at the website to discover umbraco
10:50 - Examining NFS with showmount
16:00 - Discovering umbraco.sdf on NFS is a database and contains the admin password
21:15 - Logging into umbraco and discovering the unauthenticated RCE
23:35 - Editing the umbraco exploit to ping our box
26:30 - Getting a reverse shell using Invoke-WebRequest instead of (New-Object Net.WebClient)
30:30 - Running WinPEAS to discover UsoSvc service is editable
37:00 - Editing the UsoSvc binpath to execute our reverse shell
40:15 - Alternate Path: Using Rogue Potato to get a shell
4 سال پیش
در تاریخ 1399/06/15 منتشر شده
است.
40,357
بـار بازدید شده