CyberSecLabs - Stack - Windows [Walkthrough]

▶️ YouTube: https://www.youtube.com/c/PinkDraconian 🐦 Twitter: https://twitter.com/PinkDraconian 🎵 TikTok: https://www.tiktok.com/@pinkdraconian ℹ️ LinkedIn: https://www.linkedin.com/in/robbe-van-roey-365666195/ 📞 Discord: PinkDraconian#9907 📷 Instagram: https://www.instagram.com/robbevanroey/ 🕸️ Website: http://pinkdraconian.d4rkc0de.com/ 👨‍💻 HackTheBox: https://www.hackthebox.eu/home/users/profile/129531 Twitter: https://twitter.com/PinkDraconian Discord: PinkDraconian#9907 Website: http://pinkdraconian.d4rkc0de.com/

Platform: CyberSecLabs

Platform Link: https://www.cyberseclabs.co.uk/

Category: Machine

OS: Windows

Challenge name: Stack

Difficulty: 1/10

00:00 Introduction 00:10 Nmap scan 00:30 Checking out port 80, it runs a debug django instance 01:05 Logging into gitstack with default credentials 01:30 Finding an RCE exploit for gitstack and running it 04:00 Using regsvr32 in metasploit to get a reverse shell 06:00 Running winpeas on the box 08:00 We get a keepass password database, which we crack with john 10:00 Trying to login with evil-winrm, fails 11:00 Search Invoke-Command on hacktricks but we need a powershell session 12:20 Getting a powershell shell 12:30 Running Invoke-Command 14:10 Using nc.exe to get a reverse shell as administrator ... https://www.youtube.com/watch?v=5GB080t8OU8