HackTheBox - Analysis
00:00 - Introduction
01:05 - Start of nmap
05:00 - Discovering the internal.analysis.htb subdomain
07:55 - Talking about why I want to run FeroxBuster here and showing the menu so we can stop crawling non-interesting directories (ex: js, css, img)
13:30 - Discovering list.php in users and fuzzing parameters
16:40 - Start of program to bruteforce usernames
21:55 - Got the first character of every username, get the full name
29:00 - Discovering the script it vulnerable to LDAP Injection
31:50 - Converting our ldap username bruteforcer to exploit this ldap injection and exfil fields
41:00 - Talking about having to deal with wildcards in the field
50:10 - Completing the script
55:50 - Discovering we can upload PHP Scripts using the SOC Report page
1:00:30 - Reverse shell returned
1:01:45 - Creating a PHP Script to dump the database, we could pivot with chisel but we've done that 100 times before
1:09:00 - Discovering Snort runs every 2 minutes, talking abou tthe DynamicProcessor and how if we can upload a DLL we can get RCE as Admin
1:19:10 - Getting JDOE's password from HTTP Access Logs and the registry
Watch video HackTheBox - Analysis online, duration hours minute second in high quality that is uploaded to the channel IppSec 01 June 2024. Share the link to the video on social media so that your subscribers and friends will also watch this video. This video clip has been viewed 9,998 times and liked it 295 visitors.
