CyberSecLabs - Debug - Linux [Walkthrough]

PinkDraconian

description

▶️ YouTube: https://www.youtube.com/c/PinkDraconian 🐦 Twitter: https://twitter.com/PinkDraconian 🎵 TikTok: https://www.tiktok.com/@pinkdraconian ℹ️ LinkedIn: https://www.linkedin.com/in/robbe-van-roey-365666195/ 📞 Discord: PinkDraconian#9907 📷 Instagram: https://www.instagram.com/robbevanroey/ 🕸️ Website: http://pinkdraconian.d4rkc0de.com/ 👨‍💻 HackTheBox: https://www.hackthebox.eu/home/users/profile/129531 Twitter: https://twitter.com/PinkDraconian Discord: PinkDraconian#9907 Website: http://pinkdraconian.d4rkc0de.com/

Platform: CyberSecLabs

Platform Link: https://www.cyberseclabs.co.uk/

Category: Machine

OS: Linux

Challenge name: Debug

Difficulty: 1/10

00:00 Introduction 00:10 Nmap scan 00:20 Gobuster on webroot 00:40 Manually checking webpage 01:18 Gobuster find console page 01:30 We find a flask interactive console and use it to get a reverse shell 01:55 Our flask shell isn't working reliably, seems like sometimes we get a 404 02:13 Checking out Pentestmonkeys 02:30 Using rlwrap to make our live easier once the shell returns 03:22 Running linpeas to enumerate 05:00 Checking gtfobins for a suid binary we can run as root 05:55 Reading /etc/shadow and cracking the hashes with john 06:47 Hash cracked, can we su as root with this password? ... https://www.youtube.com/watch?v=J8v2QQ9ILto

created

2021-12-15

staked

0.0 LBC

license

Copyrighted (contact publisher)

File size

46829709 Bytes