How We Used Python to Hack GDB Servers | TryHackMe Airplane CTF скачать в хорошем качестве

How We Used Python to Hack GDB Servers | TryHackMe Airplane CTF

In this video walkthrough, we covered a CTF scenario where we started with nmap scanning followed by enumeration of the web application running on port 8000 where we discovered a directory traversal vulnerability allowing us to read the contents of sensitive files such as /etc/passwd. Using Python, we discovered the process name that is listening on port 6048 discovered during nmap scan. The application name was GDB server and we used Metasploit to exploit it and gain Meterpreter shell. Privilege escalation was achieved horizontally first by looking for binaries with SUID bit set and then to root using ruby. **** Receive Cyber Security Field, Certifications Notes and Special Training Videos    / @motasemhamdan   ****** Writeup https://motasem-notes.net/exploiting-... TryHackMe Airplane https://tryhackme.com/r/room/airplane ******** Google Profile https://maps.app.goo.gl/eLotQQb7Dm6ai... LinkedIn [1]:   / motasem-hamdan-7673289b   [2]:   / motasem-eldad-ha-bb42481b2   Instagram   / motasem.hamdan.official   Twitter   / manmotasem   Facebook   / motasemhamdantty