HackTheBox - Analysis
00:00 - Introduction
01:05 - Start of nmap
05:00 - Discovering the internal.analysis.htb subdomain
07:55 - Talking about why I want to run FeroxBuster here and showing the menu so we can stop crawling non-interesting directories (ex: js, css, img)
13:30 - Discovering list.php in users and fuzzing parameters
16:40 - Start of program to bruteforce usernames
21:55 - Got the first character of every username, get the full name
29:00 - Discovering the script it vulnerable to LDAP Injection
31:50 - Converting our ldap username bruteforcer to exploit this ldap injection and exfil fields
41:00 - Talking about having to deal with wildcards in the field
50:10 - Completing the script
55:50 - Discovering we can upload PHP Scripts using the SOC Report page
1:00:30 - Reverse shell returned
1:01:45 - Creating a PHP Script to dump the database, we could pivot with chisel but we've done that 100 times before
1:09:00 - Discovering Snort runs every 2 minutes, talking abou tthe DynamicProcessor and how if we can upload a DLL we can get RCE as Admin
1:19:10 - Getting JDOE's password from HTTP Access Logs and the registry
Watch video HackTheBox - Analysis online without registration, duration hours minute second in high quality. This video was added by user IppSec 01 June 2024, don't forget to share it with your friends and acquaintances, it has been viewed on our site 9,998 once and liked it 295 people.