- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
HackTheBox - Overwatch
00:00 - Introduction
00:45 - Start of nmap
03:00 - Null Authentication lets us list open shares
05:30 - Using SMBClient and downloading the overwatch binary and config from the fileshare
08:40 - Using ilSpycmd to decompile the dotnet from Linux
10:04 - Looking at the overwatch source, which is a WCF (Windows Communication Foundation) Binary
14:00 - Taking nmap allports output, doing some bashful to get a list of open ports to do our normal nmap against the open ports
17:40 - Finding MSSQL on port 6520, we can login. The Enum_Links shows an SQL Server, it hangs and says the host SQL07 doesn't exist
21:45 - Using BloodyAD to show AD Attributes we can write to, discover we can create DNS Entries, then creating a DNS Entry for SQL07 to point back to us and then getting the SQLMGMT user credentials
25:00 - Looking at the WCF Endpoint, examining the WSDL and explaining it a little bit
26:30 - Executing endpoints in the WCF Endpoint from PowerShell with New-WebServiceProxy and getting RCE on the server
33:00 - Showing how we could have enumerated services from our first shell
Видео HackTheBox - Overwatch канала IppSec
00:45 - Start of nmap
03:00 - Null Authentication lets us list open shares
05:30 - Using SMBClient and downloading the overwatch binary and config from the fileshare
08:40 - Using ilSpycmd to decompile the dotnet from Linux
10:04 - Looking at the overwatch source, which is a WCF (Windows Communication Foundation) Binary
14:00 - Taking nmap allports output, doing some bashful to get a list of open ports to do our normal nmap against the open ports
17:40 - Finding MSSQL on port 6520, we can login. The Enum_Links shows an SQL Server, it hangs and says the host SQL07 doesn't exist
21:45 - Using BloodyAD to show AD Attributes we can write to, discover we can create DNS Entries, then creating a DNS Entry for SQL07 to point back to us and then getting the SQLMGMT user credentials
25:00 - Looking at the WCF Endpoint, examining the WSDL and explaining it a little bit
26:30 - Executing endpoints in the WCF Endpoint from PowerShell with New-WebServiceProxy and getting RCE on the server
33:00 - Showing how we could have enumerated services from our first shell
Видео HackTheBox - Overwatch канала IppSec
Комментарии отсутствуют
Информация о видео
9 мая 2026 г. 20:00:31
00:38:17
Другие видео канала
