Tier 1: Funnel - HackTheBox Starting Point - Full Walkthrough

Подписаться 34 тыс.

Просмотров 9 тыс.

50% 1

Learn the basics of Penetration Testing: Video walkthrough for the "Funnel" machine from tier one of the ‪@HackTheBox‬ "Starting Point" track; "The key is a strong foundation". We'll be exploring the basics of enumeration, service discovery, pivoting/tunnelling and more! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #HackTheBox #HTB #CTF #Pentesting #OffSec
Sign up for HackTheBox: hacktheboxltd.sjv.io/xk75Yk
↢Social Media↣
Twitter: / _cryptocat
GitHub: github.com/Crypto-Cat
HackTheBox: app.hackthebox.eu/profile/11897
LinkedIn: / cryptocat
Reddit: / _cryptocat23
RU-vid: / cryptocat23
Twitch: / cryptocat23
↢HackTheBox↣
affiliate.hackthebox.com/cryp...
/ hackthebox_eu
/ discord
↢Video-Specific Resources↣
academy.hackthebox.com/course...
nullsweep.com/pivot-cheatshee...
sushant747.gitbooks.io/total-...
catharsis.net.au/blog/network...
book.hacktricks.xyz/network-s...
↢Resources↣
Ghidra: ghidra-sre.org/CheatSheet.html
Volatility: github.com/volatilityfoundati...
PwnTools: github.com/Gallopsled/pwntool...
CyberChef: gchq.github.io/CyberChef
DCode: www.dcode.fr/en
HackTricks: book.hacktricks.xyz/pentestin...
CTF Tools: github.com/apsdehal/awesome-ctf
Forensics: cugu.github.io/awesome-forensics
Decompile Code: www.decompiler.com
Run Code: tio.run
↢Chapters↣
Start: 0:00
Enumeration (NMap): 0:33
FTP Anonymous Login: 1:48
Review Password Policy: 2:50
Password Spraying: 6:19
Internal Enumeration: 9:38
Port Forwarding: 13:11
Postgresql DB: 20:45
End: 24:38

Наука

Опубликовано:

1 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 54

@toonlagoon3127 Год назад

Just for clarity. The problem at 23:14 was that you didn't put the semicolon. You can notice that the 'secret=' changed to 'secret-' which means it did get the command but only waited for the code end(;). When you inputted 'select * from flag;' again it ran the line as following: 'select * from flag select * from flag;' which gave you the error. If you'd just put ; in the second line it would have finished the command. Great video and explanation!

@toonlagoon3127 Год назад

Great to comment and not watch the video fully just to see it in the video :)

@_CryptoCat Год назад

Thanks! I was very confused when recording but realised the mistake during edit. Always something small 😅

@JackOfAllThreatsMasterOfNone Год назад

Thanks! Your explanation about the tunnel was clear! I look forward to the video on using Obsidian for ctf and pentesting... Can't find one!!!

@_CryptoCat Год назад

Thanks mate! I had that episode all planned out in my head but it's been so long, that I'd need to re-prep for it 😆 Will get there.. eventually 😊

@augustoalmeida2586 11 месяцев назад

you could run ss -tl and it will tell you the service running in that port

@HackingInSeconds Год назад

hey just wanted some guidance on what to do after completing the starting point machines....? Should we start with retired machines, active machines CTF.......

@_CryptoCat Год назад

Yes! All of these things 😉 If you have a VIP membership then retired boxes/challs are great for learning because you can spend as long as you feel is reasonable trying to solve and then refer to walkthroughs when stuck. That extra experience will help you when it comes to active machines/challs 😊 CTFs are always good fun and a great learning opportunity as well, NahamCon CTF is currently running!

@aliedora Год назад

Wow this challenge gave me a lot of grief. But after spending few hours on it I do understand the concept much better. Thanks for the videos, they never disappoint. I always watch them after I try the challenge myself and always learn something new. You have a nice voice too :) I always use my Kali linux, and there are differences from parrot. For example for me, local port forwarding did not work at all, when trying to connect to the db I was getting: "psql: error: connection to server at "localhost" (127.0.0.1), port 5432 failed: Connection refused Is the server running on that host and accepting TCP/IP connections?" Only with dynamic forwarding I was able to get into db. However in this case my scan was showing as PORT STATE SERVICE VERSION 5432/tcp closed postgresql Like.. what the heck. I feel like I am cursed with always having the weirdest things happening on my machine.

@_CryptoCat Год назад

Awww thanks for lovely feedback 🥰 Port forwarding is definitely one of the more challenging topics and I often find one tool will work better than others in different scenarios (SSH, chisel, sshuttle, meterpreter, plink, netsh etc). Glad to hear you got it working one way or another and gained a better understanding of the concept 🙂

@alexkri9884 Год назад

you missing the -h flag when forwarding ports: psql -p [local port] -U [user] -h localhost for example exact to this video : psql -p 1234 -U christine -h localhost

@TheBG077 10 месяцев назад

I had the same issue! I too was able to get in using dynamic forwarding, and I also believe I'm cursed as well haha I can't seem to get through barely any of these "very easy" machines without looking at some form of a guide :( I feel like I'm never going to get the hang of this...

@chibiichen Год назад

I love your content. Are you planning to do some retired machines for beginners? I sometimes find them very hard even if they are rated as "easy"

@_CryptoCat Год назад

Thanks! I've always avoided making videos for retired machines as IppSec does a great job and I don't feel like I can add much value. I'm going to do one soon where I show how to take notes with Obsidian though so if it goes well, I might do more in future 😊

@TheBG077 10 месяцев назад

Thanks so much for this guide! It led me to using the dynamic forwarding (also from reading the comment from aliedora) because local didn't work correctly...I love how these machines are labeled "very easy". I just started my journey, but I feel like I'm never going to get the hang of this....I'm most of the way through Tier 1, and I have yet to finish a machine without having to look up a walkthrough Does everyone have this trouble/frustration when starting out, or am I just way below average at this? lol

@_CryptoCat 10 месяцев назад

Don't worry mate, everyone has the same struggles at some point. If you find everything easy, you probably aren't learning much!

@reu3437 Год назад

Hi, thanks so much for your detailed walkthrough. I have an issue when trying to do port forwarding. When i nmap my own localhost, it shows that the port 1234 is closed, and the service version is hotline. Been googling and retracing my steps to see if i did anything wrong. Re-did the machine but the issue is still the same. Any idea if this is a common problem? Any help from you or members of the community is greatly appreciated! Thanks in advance 🙆‍♀

@_CryptoCat Год назад

Hmmm you definitely setup the port forward first? Tried the local and dynamic forward?

@primaspierre20 11 месяцев назад

i did everything up to the point where i have to connect to the ssh as christine than an nothing happens. can you help me?

@_CryptoCat 11 месяцев назад

When you say nothing happens.. It doesn't connect via SSH? Does it timeout or give you some error? Have you checked the official PDF walkthrough to confirm?

@ovejanegra6351 6 месяцев назад

help [WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4

@_CryptoCat 6 месяцев назад

Hmmm haven't seen that one before.. Did you try to add the "-t 4" flag?

@ovejanegra6351 6 месяцев назад

@@_CryptoCat yes

@_CryptoCat 6 месяцев назад

It's giving an error, but does it actually fail?

@ppgdude 9 месяцев назад

Hey could you tell me why you use parrot os? and not kali or something

@_CryptoCat 9 месяцев назад

I swapped to Parrot a few years ago when Kali was having regular issues. Next time I create a new VM, I'll go back to Kali lol.

@ppgdude 9 месяцев назад

@@_CryptoCatThanks for answer!

@pavi013 24 дня назад

Its gonna be very easy they said 😅

@_CryptoCat 24 дня назад

😆

@user-ef7lu1bl1n Год назад

Hello, I followed the same operation as you, but my dynamic proxy is still not working, I want to get some direction to solve the problem

@user-ef7lu1bl1n Год назад

My proxychains does not output information about port 9050 being forwarded to port 5432. Does this mean that I am not proxying successfully? But my ssh command and configuration of proxy chains4.conf file are the same as yours

@user-ef7lu1bl1n Год назад

I further narrowed down the problem and it only fails when proxychains proxy nmap. [proxychains] config file found: /etc/proxychains4.conf [proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4 [proxychains] DLL init: proxychains-ng 4.16 This is what was output.

@_CryptoCat Год назад

@@user-ef7lu1bl1n Hmmm a couple of things; I updated my proxychains.conf, rather than proxychains4.conf - sounds like this might not be the issue but worth trying. NMap can also have some issues when used via proxychains, did you try to connect to the port 5432 any other way? e.g. using psql or netcat?

@user-ef7lu1bl1n Год назад

@@_CryptoCat I tried again during the review process, I took a lot of measures but nothing worked, I can only ignore it for the time being and move on, maybe I will meet the answer in the future.

@angelonunziolombardi Год назад

Can Hackthebox Challenges be done without VIP?

@_CryptoCat Год назад

Only the active ones (same as machines)

@AbbaG-tp9ze Год назад

provided right password but still gives me this error: Password for user christine: psql: error: connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "christine" connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "christine"

@_CryptoCat Год назад

Hmmm check this, see if it helps: dev.to/atosh502/postgresql-password-authentication-failed-for-user-387b

@discordmsimna Год назад

I have a stupid problem at 21:18 I tried using psql and install it but it doesn't work it says Please ask your administrator. what should I do ?

@_CryptoCat Год назад

Can you run "sudo apt-get install psql"? Or maybe you need "sudo apt-get install postgresql-client-common"

@discordmsimna Год назад

@@_CryptoCat Idk whether I install it while I'm in Christine or to open another tab and install it in my Kali (sorry for my bad English)

@_CryptoCat Год назад

@@discordmsimna np, you should install it through your kali terminal 🙂

@shreyastambe4897 Год назад

what am i doing wrong i am getting this error : christine is not in the sudoers file. This incident will be reported.

@_CryptoCat Год назад

Don't use "sudo" before the command. Christine doesn't have permission and you don't sudo for this box 🙂

@shreyastambe4897 Год назад

@@_CryptoCat thanks for the reply i understood now 👍

@angelonunziolombardi Год назад

where is pathfinder? when I look for it I am redirected to the tier 2 starting point but it is not there

@_CryptoCat Год назад

pathfinder??

@angelonunziolombardi Год назад

@@_CryptoCat ye

@_CryptoCat Год назад

@@angelonunziolombardi What is it? Where do you see?

@angelonunziolombardi Год назад

@@_CryptoCat I find this online h4rithd.com/blog/starting-point-htb-pathfinder-walkthrough/index.html But on Hackthebox this machine there is not

@_CryptoCat Год назад

@@angelonunziolombardi Oh yeh, WTF! 😅 Maybe they renamed that machine or removed it, I can't see it either 🤔

@xantlcn3226 Год назад

tldr?

@_CryptoCat Год назад

Not sure if you're asking for a TLDR of the video or what the "tldr" tool is 😅 Assuming it's the second, "tldr" will just give you some examples of common commands from man pages: github.com/tldr-pages/tldr. I use it a lot!