NanoCherryCTF TryHackMe Walkthrough | Medium [ Bash One Liners ] 🍒

In this video we hack into TryHackMe's new CTF challenge, NanoCherryCTF, by [ https://tryhackme.com/p/dsneddon00 ]. We start with backdoor access to the notsus user, set up on the box by a guy named jex. From there we escalate to the bob-boba user using a cron job running as bob-boba and write permissions on the /etc/hosts file. After that we add the nano subdomain we found to our /etc/hosts and access it on the web, where we find a login page that we brute force to get access to Molly's dashboard and also to her SSH password. Next, we go back to port 80 and start enumerating the website. We find /content.php, where we can check facts about ice cream, but the URL looks interesting, so we use a bash one-liner to enumerate it, exploiting an IDOR vulnerability, and look for leads; we do find sam-sprinkles' SSH password there. Finally, we get a .wav file, which is Slow-scan television (SSTV), a picture transmission method used mainly by amateur radio operators to transmit and receive static pictures via radio in monochrome or color; we use qsstv to retrieve the password for root. Hope you'll learn something new. 🙏🚀❤️

[ tryhackme - https://tryhackme.com/r/room/nanocher... ]

⭐️ Video Contents ⭐
⌨️ 0:00 ⏩ Intro
⌨️ 0:29 ⏩ Starting Ctf (Initial Enumeration)
⌨️ 3:46 ⏩ SSH into notsus
⌨️ 5:55 ⏩ Privesc to bob-boba (chad-key3)
⌨️ 9:27 ⏩ Enumerating sub-domain
⌨️ 12:00 ⏩ Brute-Forcing Creds for Molly's dashboard (chad-key1)
⌨️ 19:11 ⏩ Enumerating port 80
⌨️ 21:21 ⏩ Brute-Forcing ice-cream facts (IDOR + chad-key2)
⌨️ 24:44 ⏩ PrivEsc To Root (SSTV)
⌨️ 27:37 ⏩ Final POVs

Blog:
● https://blog.h00dy.me

Github:
● https://github.com/hoodietramp

Mastodon:
● https://mastodon.social/@h00dy
● https://defcon.social/@h00dy
● https://infosec.exchange/@h00dy

#tryhackme #ctf #boot2root #redteam #walkthrough #pentesting
