Tier 0: Mongod - HackTheBox Starting Point - Full Walkthrough

Подписаться 34 тыс.

Просмотров 12 тыс.

50% 1

Learn the basics of Penetration Testing: Video walkthrough for the "Mongod" machine from tier zero of the ‪@HackTheBox‬ "Starting Point" track; "The key is a strong foundation". We'll be exploring the basics of enumeration, service discovery, mongo (NoSQL) databases and more! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #HackTheBox #HTB #CTF #Pentesting #OffSec
Sign up for HackTheBox: hacktheboxltd.sjv.io/xk75Yk
↢Social Media↣
Twitter: / _cryptocat
GitHub: github.com/Crypto-Cat
HackTheBox: app.hackthebox.eu/profile/11897
LinkedIn: / cryptocat
Reddit: / _cryptocat23
RU-vid: / cryptocat23
Twitch: / cryptocat23
↢HackTheBox↣
affiliate.hackthebox.com/cryp...
/ hackthebox_eu
/ discord
↢Video-Specific Resources↣
www.mongodb.com/nosql-explain...
www.mongodb.com/docs/manual/t...
book.hacktricks.xyz/network-s...
↢Resources↣
Ghidra: ghidra-sre.org/CheatSheet.html
Volatility: github.com/volatilityfoundati...
PwnTools: github.com/Gallopsled/pwntool...
CyberChef: gchq.github.io/CyberChef
DCode: www.dcode.fr/en
HackTricks: book.hacktricks.xyz/pentestin...
CTF Tools: github.com/apsdehal/awesome-ctf
Forensics: cugu.github.io/awesome-forensics
Decompile Code: www.decompiler.com
Run Code: tio.run
↢Chapters↣
Start: 0:00
Enumerate ports/services (Rustscan/NMap): 1:16
MongoDB (NoSQL) overview: 4:06
Basic Mongo commands: 6:19
Install MongoSh: 8:32
Explore database: 12:22
Retrieve flag: 13:21
Crack hash? 14:33
End: 16:30

Наука

Опубликовано:

1 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 14

@DubThaDetailer 11 месяцев назад

These videos are outstanding. You explain things very well, including the how and why of what you are doing as well as provinding other great tips. Excellent job, man. Thank you.

@_CryptoCat 11 месяцев назад

Thank you mate! 🙏🥰

@cyber-man Год назад

I really want you to know that the effort you put in the video is not without a sense. Maybe the numbers don't show it, but behind each "one" there is a man you have helped and contributed to his/her development Really appreciate your work, and hope we can meet in some CTFs against each others :)

@_CryptoCat Год назад

awww thanks, really appreciate that 🙏🥰

@ShinichiKudo012 Год назад

thanks for these great videos man. you're helping people like me to learn new things and, hopefully, build a successful career in pentesting. much love brother. keep up the great work.

@_CryptoCat Год назад

thank you mate 💜

@duskb1t 8 месяцев назад

tysm!

@_CryptoCat 8 месяцев назад

Very welcome! 💜

@mr.midnight7423 Год назад

Well done ^^

@ARZ10198 Год назад

Awesome

@nyzkin Год назад

Nice

@thomas.countz Год назад

All of your videos are insightful, inspiring, and entertaining! Thank you! I'm wondering if you can go into more detail about your workstation setup/workflow. For example, in several videos you mention restoring your VM image between CTFs/etc, sometimes you use parrot and other times Kali, how do you manage your dotfiles? Can you give us a tour?

@_CryptoCat Год назад

Thanks mate 😊 I recently added a copy of my .bash_aliases file to github: github.com/Crypto-Cat/CTF/blob/main/my_bash_aliases.md As for reverting snapshots; I basically keep an "Active" snapshot and if I do a CTF or HTB machine (or something else) i'll normally revert to that Active snapshot at the end so I don't have to worry about any changes made or cleaning up temp files etc. If I installed some tool or bookmarked a new website during that time that I want to keep, I'll restore to "Active" and add the tool/bookmark, then create a new "Active" snapshot and delete the old one. I'll also periodically update tools, python packages, git repos etc and save to a new "Active" snapshot. I don't really use Kali anymore. I used it for 3-4 years (and backtrack before that) but I just use Parrot now. However, sometimes I teach undergrad/MSc students at university and give them a Kali VM, so I'll use it now and then for demonstrations. Hope that helps! 🥰

@thomas.countz Год назад

@@_CryptoCat Yes, thank you! This is really helpful! 😁