HackTheBox - OneTwoSeven (SpeedRun) скачать в хорошем качестве

HackTheBox - OneTwoSeven (SpeedRun)

-- Disclosing Source Code via Symbolic Link 00:11 - Port Scan 00:52 - SFTP Enumeration 01:08 - Creating Symbolic Link to /etc/passwd 01:20 - Viewing Linked /etc/passwd on Website 01:34 - Creating Symbolic Link to signup.php 01:46 - Source Code Disclosure of signup.php 01:54 - Recovering Username & Password -- Accessing Internal Administration Backend 03:02 - Creating Symbolic Link to /var/www 03:32 - Vim Swap File Discovery 03:45 - Admin Password Hash Cracking 04:20 - Internal Port Discovery (60080/tcp) 04:37 - Local Port Forwarding 05:09 - Administration Backend Access 05:28 - Creating Symbolic Link menu.php 06:11 - Upload Directory & Upload URI Discovery 06:22 - Bypassing Client-Side Restriction in HTML 06:55 - Uploading Reverse Shell -- APT MiTM Package Injection 08:08 - Obtaining PTY Shell 08:20 - Misconfigured Sudo Privilege for apt-get 08:30 - Hijacking Package Domain via Environment Variable 08:46 - Setting Up File Structure to Serve Custom .deb Package 09:28 - Backdooring .deb Package 10:39 - Creating Valid Packages File 11:52 - Creating Valid Release File 15:08 - Starting Web Server 15:18 - Installing Backdoored .deb Package 15:59 - Privilege Escalation Thank you for watching! Please subscribe and like to support the channel :)