Скачать или смотреть Smol TryHackMe Walkthrough | Medium

Smol TryHackMe Walkthrough | Medium

hackingctfstalkscybersecurityredteamwriteupwalkthroughtryhackme

Скачать Smol TryHackMe Walkthrough | Medium бесплатно в качестве 4к (2к / 1080p)

У нас вы можете скачать бесплатно Smol TryHackMe Walkthrough | Medium или посмотреть видео с ютуба в максимальном доступном качестве.

Для скачивания выберите вариант из формы ниже:

Информация по загрузке:

Cкачать музыку Smol TryHackMe Walkthrough | Medium бесплатно в формате MP3:

Если иконки загрузки не отобразились, ПОЖАЛУЙСТА, НАЖМИТЕ ЗДЕСЬ или обновите страницу
Если у вас возникли трудности с загрузкой, пожалуйста, свяжитесь с нами по контактам, указанным в нижней части страницы.
Спасибо за использование сервиса video2dn.com

Описание к видео Smol TryHackMe Walkthrough | Medium

In this video we are doing tryhackme's new boot to root machine - Smol made by - [ https://tryhackme.com/r/p/josemlwdf ]. Here we have a basic wordpress site. On running wpscan on it we identify a plugin which has publically known CVE for SSRF which will help us get past the wordpress login and from wordpress dashboard we will find a private note for webmaster's tasks which will hint towards a backdoored plugin as also mentioned in the challenge description following the hint we get our initial foothold on the box and grab phpass hashes of the users and crack the password for one of the user. After that we can grab the ssh private key form another user's home directory. From there we will get our hands on a zip file containing old wordpress config files but it's password protected zip. So we transfer that to our box and crack its password using john the ripper and grab another user's password from wp-config.php file. At last that user has all perms with sudo so, we can just directly get to root and grab our last flag. Hope you'll learn something new. 🙏🚀❤️

Please leave a comment!
[ tryhackme - https://tryhackme.com/r/room/smol ]

⭐️ Video Contents ⭐
⌨️ 0:00 ⏩ Intro
⌨️ 0:42 ⏩ Initial Enumeration on the box
⌨️ 1:58 ⏩ Found the vulnerable plugin and getting access to wordpress dashboard as user wpuser
⌨️ 4:15 ⏩ Getting initial foothold on the box via rce because of a backdoored plugin we found
⌨️ 11:37 ⏩ Privesc to diego user using cracked password
⌨️ 14:39 ⏩ Logging in as think user using its ssh private key
⌨️ 15:59 ⏩ Privesc to gegi as think and gege are both part of dev group
⌨️ 18:50 ⏩ Privesc to xavi using creds found in old wp-config.php
⌨️ 19:30 ⏩ Privesc to root and Final thoughts

Follow me on social media:
● / hoodietramp

Blog:
● https://blog.h00dy.me

Github:
● https://github.com/hoodietramp

Mastodon:
● https://defcon.social/@h00dy
● https://infosec.exchange/@h00dy

Support This Tramp!
Donations are not required but are greatly appreciated!
💸Ko-Fi: https://ko-fi.com/h00dy

#tryhackme #ctf #boot2root #redteam #walkthrough #pentesting

Комментарии

Информация по комментариям в разработке