Скачать или смотреть TryHackMe-Steel Mountain

00:00-intro
00:49-Start of Nmap Scan to see Open Ports
02:50-Using Smbmap and Smbclient to see the share but we got an authentication error
03:57-Looking at the web-server on port 80
04:55-Using wget to download the image of bill harper and performing strings operation
05:53-Looking at web-server running on port 8080
06:20-using searchsploit to look for rejetto httpfile server exploits
08:15-Trying to explain the rejetto file server vulnerability
09:46-Using Metasploit to exploit rejetto httpfile server vulnerability
12:55-using load powershell module in metasploit
13:47-2nd Method (Manual Way) to exploit rejetto httpfile server which uses nc.exe binary
20:40-3rd Method (Manual Way) to exploit rejetto using powershell reverse shell
27:55-Getting cmd command promt again using nc.exe to start privilege escalation
28:24-Start of Privilege Escalation
29:22-Looking at systeminfo to see for kernel exploits
31:48-Looking for service running manually using net start command
32:22-Downloading WinPeas(One of the best) for automated enumeration of system
33:32-Using certutil for transfering winpeas to target system
35:00-Lokking at winpeas results
37:21-AdvancedSystemCareService9 was running looking at its exploits
38:20-trying to explain unquoted Service Path exploitation Vulnerability
39:46-Can we start and stop the service??? lets see
42:05-Creating exe file using msfvenom for target system
44:30-Using copy in windows to copy files from one dir to another
47:15-Starting netcat to listen for final root shell and starting the service
48:25-Answering the Questions of TryHackMe and completing the box