TryHackMe ! RootMe - PHP Reverse Shell// walk-through скачать в хорошем качестве

TryHackMe ! RootMe - PHP Reverse Shell// walk-through

Disclaimer This is educational purpose video only. I did not harm anyone I just do ctfs and make that walkthrough and explain what of the method here in use, so please don't use this because hacking is crime if you do this then it's can land you in jail. I'm not support any kind of illegle or malicious hacking. ================= RootMe A ctf for beginners, can you root me? ----------------------------------------- Task 1 Deploy the machine Connect to TryHackMe network and deploy the machine. If you don't know how to do this, complete the OpenVPN room first. 1 Deploy the machine Task 2 Reconnaissance First, let's get information about the target. 1 Scan the machine, how many ports are open? 2 What version of Apache are running? 3 What service is running on port 22? 4 Find directories on the web server using the GoBuster tool. 5 What is the hidden directory? Task 3 Getting a shell Find a form to upload and get a reverse shell, and find the flag. 1 user.txt Task 4 Privilege escalation Now that we have a shell, let's escalate our privileges to root. Search for files with SUID permission, which file is weird? Find a form to escalate your privileges. root.txt ----------------------------- 00:00-Deploy the machine and start 00:30-Nmap scan to check ports 01:56-searching hidden directory using gobuster tool 02:49-web enumration 03:36-check hidden directory 04:39-searching php-reverse-shell payload 06:42-upload payload on machine and try to get back shell 08:26-update the shell for proper use 10:12-searching user.txt 11:22-i had lost my access so let repate that same process 12:50-privilage esculation 14:02-try to get suid using python 15:57-got root access 16:28-root.txt ------------------------------- #yesspider please support me on patreon   / yesspider   --------------------------------------------------