filmov
tv
TryHackMe ! Easy Peasy // vulnerable cronjob // walk-through
Показать описание
Disclaimer
This is educational purpose video only. I did not harm anyone I just do ctfs and make that walkthrough and explain what of the method here in use, so please don't use this because hacking is crime if you do this then it's can land you in jail.
I'm not support any kind of illegle or malicious hacking.
======================
Easy Peasy
------------------------------
Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.
---------------------------------------------------------------------
Task 1 Enumeration through Nmap
----------------------------------------------------------------------
00:00-Deploy the machine attached to this task and use nmap to enumerate it.
01:05-How many ports are open?
01:43-What is the version of nginx?
02:56-What is running on the highest port?
-----------------------------------------------------------------------
Task 2 Compromising the machine
----------------------------------------------------------------------
Now you've enumerated the machine, answer questions and compromise it!
04:00-Using GoBuster
05:32-find flag 1.
08:54-What is the hidden directory?
10:43-decrypt md5 hash
11:56-decrypt gost hash
Using the wordlist that provided to you in this task crack the hash
13:59-what is the password?
16:40-Further enumerate the machine, what is flag 2?
17:16-What is the password to login to the machine via SSH?
19:17-What is the user flag?
25:53-get one other same user shell
27:47-run payloads for root access
28:39-What is the root flag?
-------------------------------
#yesspider
please support me on patreon
--------------------------------------------------
This is educational purpose video only. I did not harm anyone I just do ctfs and make that walkthrough and explain what of the method here in use, so please don't use this because hacking is crime if you do this then it's can land you in jail.
I'm not support any kind of illegle or malicious hacking.
======================
Easy Peasy
------------------------------
Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.
---------------------------------------------------------------------
Task 1 Enumeration through Nmap
----------------------------------------------------------------------
00:00-Deploy the machine attached to this task and use nmap to enumerate it.
01:05-How many ports are open?
01:43-What is the version of nginx?
02:56-What is running on the highest port?
-----------------------------------------------------------------------
Task 2 Compromising the machine
----------------------------------------------------------------------
Now you've enumerated the machine, answer questions and compromise it!
04:00-Using GoBuster
05:32-find flag 1.
08:54-What is the hidden directory?
10:43-decrypt md5 hash
11:56-decrypt gost hash
Using the wordlist that provided to you in this task crack the hash
13:59-what is the password?
16:40-Further enumerate the machine, what is flag 2?
17:16-What is the password to login to the machine via SSH?
19:17-What is the user flag?
25:53-get one other same user shell
27:47-run payloads for root access
28:39-What is the root flag?
-------------------------------
#yesspider
please support me on patreon
--------------------------------------------------
0:17:46
0:28:57
0:31:27
0:36:57
0:18:16
![[FR] TryHackMe -](https://i.ytimg.com/vi/_p-08Sl-SlY/hqdefault.jpg)
0:31:19
0:46:25
0:29:19
0:41:18
0:32:11
0:10:59
0:10:14
0:04:53
0:40:19
0:46:55
1:30:57
0:09:23
0:25:29
0:23:12
0:10:26
0:24:05
0:00:35
0:22:22
0:36:40