- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Solving PwnLab: init (Vulnhub) Walkthrough
Be better than yesterday
Penetration Tester by trade
OSCE|OSCP|CREST
This video shows how to solve the vulnerable machine PwnLab: init
PwnLab: init is a recommended vulnerable machine hosted on Vulnhub for Offensive Security OSCP preparation
PwnLab: init vulnerable machine can be downloaded from https://www.vulnhub.com/entry/pwnlab-init,158/
Gemini Security Awesome Hacking T-Shirts - Support the channel:
https://www.redbubble.com/people/GeminiSecurity/shop?asc=u
Key Concepts:
- Enumerating software versions with NMap and Burp Suite
- Fuzzing for SQL Injection with Burp Intruder
- Exploiting Local File Inclusion (LFI) Vulnerability
- Using 'dirb' to Brute Force Files and Directories
- Exploiting LFI to Disclose PHP Source Code using PHP Fitlers
- PHP Source Code Review to Identify Vulnerabilities
- Embedding PHP Code into Image Files with Burp
- Exploiting LFI to Execute PHP Code
- Exploiting Linux Binaries that Have SUID set
- Exploiting Linux Binaries that uses Non-Absolute Path
- Exploiting Operating System (OS) Command Injection
Timestamp
00:00 Intro
00:11 Nmap Enumeration
00:23 Identifying Potential Public Exploits
01:05 Investigating Web Server on Port 80
01:26 Fuzzing for SQL Injection with Burp Intruder
01:53 Fuzzing for Local File Inclusion LFI
03:48 Running 'dirb'
04:11 Continue Fuzzing for LFI
04:36 LFI Exploitation Success
05:25 Exploiting LFI to Obtain Code/Command Execution (RCE)
06:20 'dirb' found config.php
06:31 Found MySQL credentials from config.php source code
06:59 Found Web Application Users Encoded Passwords
07:31 Exploit LFI to RCE via File Upload
08:46 Exploited LFI to RCE Successfully
10:05 PHP Reverse Shell Success
10:16 Linux Privilege Escalation WITHOUT Kernel Exploit
11:10 Attempt to Privilege Escalation to user 'mike'
12:27 Escalated Privileges to user 'mike'
13:04 Escalate Privileges from 'mike' to 'root'
13:47 Root
Видео Solving PwnLab: init (Vulnhub) Walkthrough канала Gemini Cyber Security
Penetration Tester by trade
OSCE|OSCP|CREST
This video shows how to solve the vulnerable machine PwnLab: init
PwnLab: init is a recommended vulnerable machine hosted on Vulnhub for Offensive Security OSCP preparation
PwnLab: init vulnerable machine can be downloaded from https://www.vulnhub.com/entry/pwnlab-init,158/
Gemini Security Awesome Hacking T-Shirts - Support the channel:
https://www.redbubble.com/people/GeminiSecurity/shop?asc=u
Key Concepts:
- Enumerating software versions with NMap and Burp Suite
- Fuzzing for SQL Injection with Burp Intruder
- Exploiting Local File Inclusion (LFI) Vulnerability
- Using 'dirb' to Brute Force Files and Directories
- Exploiting LFI to Disclose PHP Source Code using PHP Fitlers
- PHP Source Code Review to Identify Vulnerabilities
- Embedding PHP Code into Image Files with Burp
- Exploiting LFI to Execute PHP Code
- Exploiting Linux Binaries that Have SUID set
- Exploiting Linux Binaries that uses Non-Absolute Path
- Exploiting Operating System (OS) Command Injection
Timestamp
00:00 Intro
00:11 Nmap Enumeration
00:23 Identifying Potential Public Exploits
01:05 Investigating Web Server on Port 80
01:26 Fuzzing for SQL Injection with Burp Intruder
01:53 Fuzzing for Local File Inclusion LFI
03:48 Running 'dirb'
04:11 Continue Fuzzing for LFI
04:36 LFI Exploitation Success
05:25 Exploiting LFI to Obtain Code/Command Execution (RCE)
06:20 'dirb' found config.php
06:31 Found MySQL credentials from config.php source code
06:59 Found Web Application Users Encoded Passwords
07:31 Exploit LFI to RCE via File Upload
08:46 Exploited LFI to RCE Successfully
10:05 PHP Reverse Shell Success
10:16 Linux Privilege Escalation WITHOUT Kernel Exploit
11:10 Attempt to Privilege Escalation to user 'mike'
12:27 Escalated Privileges to user 'mike'
13:04 Escalate Privileges from 'mike' to 'root'
13:47 Root
Видео Solving PwnLab: init (Vulnhub) Walkthrough канала Gemini Cyber Security
Комментарии отсутствуют
Информация о видео
10 августа 2022 г. 16:30:11
00:14:04
Другие видео канала
![Hacking with ChatGPT - Create a Go Malware/Spyware Virus for Windows System [1]](https://i.ytimg.com/vi/5QSJo_iI-24/default.jpg)
Hacking with ChatGPT - Create a Go Malware/Spyware Virus for Windows System [1]
Cyber Security - Getting Started with Rust - Bypass Windows Defender
HOW TO: Windows Privilege Escalation via Insecure MSI Packages
Wireshark vs Nmap TCP Scan
Post Exploitation - Getting Clear Text Passwords with SharpLoginPrompt
Cyber Security - Top Interview Questions for Penetration Testing #shorts 01
Learn Linux with Bandit OverTheWire Wargames | Level 10 - 15
Cyber Security - Top Interview Questions for Penetration Testing #shorts 02
Learn Linux with Bandit OverTheWire Wargames | Level 5 - 9
Exploiting WinRAR Zero Day Vulnerability (CVE 2023 38831)
Cyber Security - Top Interview Questions for Penetration Testing #shorts 10
Solving Kioptrix Level 1.3 #4 (Vulnhub) Walkthrough
Windows Keylogger Input Capture for Remote Desktop Protocol RDP
Windows Malware using Github as C2 (Command and Control)
Solving FristiLeaks 1.3 (Vulnhub) Walkthrough
Backdoor SSH Service - Get Clear Text Passwords
Solving SickOs 1.2 (Vulnhub) Walkthrough
Cobalt Strike Payload Delivery in 2020 (Windows Defender Bypass)
Learn Linux with Bandit OverTheWire Wargames | Level 15 - 20
Using Google Calendar as C2 - APT41 Hackers from China
