Скачать или смотреть EP005: Dealer313 by I.T Security Labs

Walk through of box Dealer313 by I.T Security Labs (Youtube)

Link:   / need_more_practice_hack_this_windows_pract...  


Chapters:
00:00 Intro
00:55 nmap open TCP ports
01:35 looking for SMB shares
02:32 nmap with -sC & -sV
04:08 smbclient command syntax
04:53 nmap results
05:50 examining HTTPs certificate
06:47 moving towards port 80
07:19 trying PHP LFI
08:50 looking explotis on ExploitDB
10:40 manually exploiting the vulnerability
10:57 SQLi for authentication bypass
12:40 uploading rce.php
15:40 finding the correct location of rce.php
16:12 having command execution
17:03 downloading nc64.exe
18:58 uploading nc.exe to box
20:08 getting reverse shell
21:00 user.txt
21:28 looking for installed software
22:50 Druva folder ?
23:12 Druva's PrivEsc scripts
23:31 looking at the exploits out
24:12 modifying powershell script
26:29 downloading PrivEsc script
27:07 NT authority/system reverse shell
28:40 modiyfing exploit for adding new user "superadmin"
31:16 downloading scripts
31:28 running scripts
31:55 RDP as 'superadmin' user
32:59 looking at Druva
33:26 root flag
33:43 changing password of mickey
34:25 RDP as 'mickey' user
34:50 Recycle Bin having same PrivEsc script


#oscp #offensiveSecurity #pentest #pentestWindows #windows #windowsReverseShelll #windowsPrivilegeEscalation #windowsRDP



*Please Note*
The steps & tools shown in this video are for educational / learning purposes only. Using these techniques/tools etc. beyond taking the consent can/will be considered as a criminal offense; which will be punishable under the law. You will be responsible for all your actions. The author of this video is not responsible for any malicious activity.

Also, don't forget to Like this video and Subscribe the channel.