HackTheBox - Ambassador
00:00 - Intro
00:45 - Start of nmap
03:30 - Discovering Grafana and seeing it is ~2 years old
05:00 - Looking for exploits
06:00 - Manually performing the exploit
08:45 - Looking for interesting files, extracting Grafana config which lets us log in
12:55 - Extracting the SQLite3 Database in order to get the MySQL Password
15:30 - Logging into MySQL and getting SSH Creds from the whackywidget database
18:00 - Looking at the WhackyWidget application and discovering an Consul API Key
21:20 - Looking for the Consul API Documentation
23:05 - Playing with the API, examining the Metasploit script and building out our curl request
26:40 - Building a JSON file which will create a Consul Script to send us a reverse shell and getting root
31:50 - Showing the Metasploit Script would work if we port forward
34:50 - Showing another way, we can write to the Consul Config directory and do it manually
Видео HackTheBox - Ambassador канала IppSec
00:45 - Start of nmap
03:30 - Discovering Grafana and seeing it is ~2 years old
05:00 - Looking for exploits
06:00 - Manually performing the exploit
08:45 - Looking for interesting files, extracting Grafana config which lets us log in
12:55 - Extracting the SQLite3 Database in order to get the MySQL Password
15:30 - Logging into MySQL and getting SSH Creds from the whackywidget database
18:00 - Looking at the WhackyWidget application and discovering an Consul API Key
21:20 - Looking for the Consul API Documentation
23:05 - Playing with the API, examining the Metasploit script and building out our curl request
26:40 - Building a JSON file which will create a Consul Script to send us a reverse shell and getting root
31:50 - Showing the Metasploit Script would work if we port forward
34:50 - Showing another way, we can write to the Consul Config directory and do it manually
Видео HackTheBox - Ambassador канала IppSec
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![HackTheBox - Agile](https://i.ytimg.com/vi/ob-CwobmkKk/default.jpg)
![HackTheBox - Stratosphere](https://i.ytimg.com/vi/uMwcJQcUnmY/default.jpg)
![HackTheBox - Perfection](https://i.ytimg.com/vi/zcVCLoMsOKA/default.jpg)
![HHC2016 - Ads](https://i.ytimg.com/vi/5UZy8OdqA4o/default.jpg)
![Playing with Exploits - OMIGod](https://i.ytimg.com/vi/TXqi1BKtcyM/default.jpg)
![Detecting Exploits - OMIGod (Linux Logging with Auditd)](https://i.ytimg.com/vi/lc1i9h1GyMA/default.jpg)
![HackTheBox - Chaos](https://i.ytimg.com/vi/no9UnySBQrU/default.jpg)
![HackTheBox - Developer](https://i.ytimg.com/vi/MjkDCy10BYM/default.jpg)
![UHC - Validation](https://i.ytimg.com/vi/UqoVQ4dbYaI/default.jpg)
![HackTheBox - Health](https://i.ytimg.com/vi/UBQ1tGdFvKk/default.jpg)
![UHC - Pressed](https://i.ytimg.com/vi/p8mIdm93mfw/default.jpg)
![Manually Parse Bloodhound Data with JQ to Create Lists of Potentially Vulnerable Users and Computers](https://i.ytimg.com/vi/o3W4H0UfDmQ/default.jpg)
![HackTheBox - Shared](https://i.ytimg.com/vi/7LmqyefHgIU/default.jpg)
![HackTheBox - Poison](https://i.ytimg.com/vi/rs4zEwONzzk/default.jpg)
![UHC- Union](https://i.ytimg.com/vi/z5pdizHDvt8/default.jpg)
![HackTheBox - Sekhmet](https://i.ytimg.com/vi/vsgPsMZx59w/default.jpg)
![UHC - Spooktrol](https://i.ytimg.com/vi/pc-_tK6CWnA/default.jpg)
![HackTheBox - Previse](https://i.ytimg.com/vi/LI9mw1rMKVw/default.jpg)
![HackTheBox - Armageddon](https://i.ytimg.com/vi/8ikdbyOQsLg/default.jpg)
![HackTheBox - Heist](https://i.ytimg.com/vi/fmBb6BgLsC8/default.jpg)