Walkthrough of Airplane room from TryHackMe, including methodology I use when penetration testing a website.
Discord: / discord
Consider buying me a coffee?
www.buymeacoffee.com/techmafia
Become a Patreon.
/ techmafia
00:00 - Intro
00:05 - Start of Rustscan
01:32 - Checking web server for anything interesting
02:48 - Discovering Local File Inclusion (LFI) on the webpage / website
04:45 - Launching full port scan using nmap
05:32 - Taking in-depth look into LFI to uncover more information
10:35 - Analyzing source code of app.py server file
13:14 - All port scan takes a long time, switching to rustscan again
15:42 - Enumerating system running processes to know more about port 6048 using a custom python script
21:50 - Port 6048 service name confirmed; searching on how to attack port 6048.
23:01 - Uploading malicious binary to receive back a reverse shell
25:00 - Finding ways of local privilege escalation
29:29 - A rabbit hole I fell onto previously, explaning why it isn't the right path
30:40 - Getting SSH access to Carlos user to continue enumeration
32:40 - Carlos can run a command as root, looking at how we can exploit it using wildcard injection
33:55 - Exploiting sudo privileges to gain access to root user
34:48 - Outro ( SUBSCRIBE!! )
29 июн 2024