HackTheBox - Sunday
00:48 - Begin of NMAP Discovery of Finger
03:36 - Enumerating Finger with Finger-User-Enum
05:00 - Nmap’ing all port quickly by lowering max-retries
08:40 - Adding an old Key Exchange Alogorithm to SSH
09:30 - Showing Hydra doesn’t work, then using Patator
(Patator also can do Finger Enum! Try it out)
11:19 - Using find to count lines in all wordlist files
14:07 - Logged in with sunny:sunday
14:45 - Grabbing /backup/ and cracking sha256crypt with Hashcat
16:46 - Just noticed this box is oooooold, try to privesc with sudo and ShellShock (Fail)
18:53 - Privesc by overwriting the /root/troll binary
== Box Done
23:30 - Using wget to exfil files quickly
24:50 - Viewing what wget --post-file looks like
25:50 - Creating a PHP Script to accept uploaded files
27:30 - Hardening our upload location to prevent executing PHP Files and/or reading what was uploaded
29:10 - Starting a php webserver with php -S (ip):(port) -t .
31:10 - Replacing the
3 months ago 00:10:23 1
6 months ago 00:00:00 1
7 months ago 00:04:06 1
8 months ago 00:32:44 18
8 months ago 00:34:38 2
8 months ago 01:27:34 5
8 months ago 00:37:18 6
8 months ago 00:41:25 5
8 months ago 01:46:13 2
8 months ago 01:12:42 4
8 months ago 00:26:29 1
8 months ago 02:06:46 2
8 months ago 00:54:43 11
8 months ago 02:05:30 1
8 months ago 00:33:44 1
8 months ago 00:27:16 1
9 months ago 00:30:39 1
9 months ago 11:21:04 1
11 months ago 05:30:24 3
11 months ago 01:02:06 16
11 months ago 00:16:21 18
11 months ago 02:09:39 15
11 months ago 00:29:19 2
1 year ago 00:39:17 7
