Cyber Mayhem Blue Team Gameplay: Process Monitoring with Snoopy (LD_Preload)

Video description

00:00 - Intro
01:00 - Explaining what LD_PRELOAD is
08:48 - Compiling and installing Snoopy
11:10 - Inspecting how Snoopy is installed, so we can make our own install script without compiling
13:08 - Checking auth.log after Snoopy is installed to see it working!
15:30 - Creating a Snoopy installer script on our Parrot machine
20:40 - Showing Snoopy won't capture everything by using Python to access a file two different ways
22:06 - Reverting our machine, so we can test our install script
28:00 - In the Hacking Battlegrounds lobby!
29:30 - Installing Snoopy on all four of our castles
30:20 - Showing tmux magic: using synchronize-panes to send our keystrokes to all panes
31:55 - TROLL: Renaming nano to vi and vi to nano on one of the boxes for lulz
33:10 - Using a watch command across all our terminals to look for a reverse shell
35:05 - Checking out the first box because of the Java process, and seeing if Snoopy sees activity
36:20 - Starting a tcpdump across all of our machines with nohup so it goes in the background
37:40 - Found a shell on the second box! Let's take a look!
38:20 - TROLL: Python PTY found, let's send a message whenever people use pty.py
40:40 - Using Snoopy to snitch on the health checks to find out why it is failing
43:30 - Using find to list files modified recently
46:40 - Editing the sudoers file to keep him from privesc'ing
51:00 - TROLL: He deleted our pcap! Let's break the rm command
51:50 - PRIVESC: Found a cronjob, trolling myself trying to remove it
52:20 - Let's review Snoopy to see what PID edited the crontab, then check what else happened
58:40 - Someone is on the third box! Let's take a look. Seeing he grabbed the flag directly from Apache; putting a fun patch in
1:03:30 - Going back to the second box, someone accessed a flag; using auth.log to show us an upload script
1:04:27 - The user is using the PHP system() command to manipulate a shell. Disabling the system() command in PHP
1:06:10 - Grepping flag.txt in auth.log to see how the user privesc'd... Used script instead of Python PTY to establish a PTY
1:10:00 - Verifying system() is disabled by checking the PHP error log
1:16:30 - Grabbing a PCAP to show we can do IR based upon pcap data as well