WELCOME BACK! WELCOME BACK!
Join me again for another walkthrough through one of Proving Grounds boxes, as we get back into the rhythm of things. After a longer hiatus, I am finally back to hacking again.
This time, we are focusing on keeping clear notes, showcasing step by step our methodology.
Quite the fun box too, took a lot of notes, to emphasize the importance of good note-taking.
More videos and updates will follow soon!
You can find the document here:
docs.google.com/spreadsheets/...
link to Proving Grounds:
portal.offsec.com/labs/practice
I hope you guys enjoy!
Any support helps, if you enjoyed this video, or got something useful from it. Consider liking, commenting and subscribing! It is greatly appreciated
If you too want to learn how to do offensive or defensive security. Then make sure to check out the HackTheBox Academy. I have yet to see a better learning resource, to thoroughly learn the ins and outs of Pentesting as well as Blue Teaming.
==================================================
00:00 - Welcome BACK!
01:20 - Plan for today
03:36 - Reconnaissance
05:08 - Notes Setup
06:27 - Evaluating Recon Results
08:27 - Port 22 - SSH
10:44 - The importance of good Note-Taking
11:21 - Port 80 - HTTP
13:34 - Why Obsidian is great!
19:08 - Exploring the Web Application
27:05 - Broken Object Level Authorization
32:24 - Exploiting the Confirmed Parameter
37:25 - Trying to create a Confrimed User
39:28 - Logging in
43:20 - File Inclusion Vulnerability
46:46 - /etc/passwd
51:58 - Uploading authorized_keys file
55:55 - Initial Foothold as Remi
57:09 - Discovering SSH keys
1:01:08 - Google is Your Friend!
1:02:35 - Root
1:05:20 - Review
==================================================
Music:
Byedarond · Flughand
Vanilla - Summer
Link:
• Byedarond
• Vanilla - Summer
6 июл 2024