HackTheBox - Silo
01:30 - Begin of recon
03:15 - Begin of installing SQLPlus and ODAT (Oracle Database Attack Tool)
08:45 - Bruteforcing the SID with ODAT
10:15 - Holy crap, this is slow, let's also do it with Metasploit
13:00 - Bruteforcing valid logins with ODAT
16:00 - Credentials returned, logging into Oracle with SQLPlus as SysDBA
19:00 - Reading files from disk via Oracle
23:20 - Writing files to disk from Oracle. Testing it in WebRoot Directory
25:52 - File Written, let's write an ASPX WebShell to the Server
29:10 - WebShell Working! Let's get a Reverse Shell
31:28 - Reverse Shell Returned
32:24 - Finding a DropBox link, but password doesn't display well.
33:55 - Attempting to copy file via SMB to view UTF8 Text
35:18 - That didn't work, let's transfer the file by encoding it in Base64.
36:55 - Got the password, let's download the dump!
39:10 - Begin of Volatility
45:20 - Running the HashDump plugin from Volatility, then PassTheHash with Administrator's NTLM!
### Box Done
47:35 - Begin of unintended way, examining odat and uploading a meterpreter exe
50:30 - Using odat externaltable to execute meterpreter and get a system shell!
52:20 - Examining odat verbosity flag to see what commands it runs and try to learn.
Video "HackTheBox - Silo" from the IppSec channel