Hack The Box La Casa De Papel
01:05 Start of nmap 02:50 Attempting to execute an VSFTPD Backdoor via MSF 03:40 Discovering the backdoor opened 6200, discovering a weird shell 04:50 Lets figure out what just happened 06:50 Triggering the backdoor without Metasploit 09:05 Exploring the Psy PHP Shell opened up by the backdoor 10:20 Several functions for executing bash aren t working, checking disablefunctions 11:40 Attempting to bypass disabledfunctions (does not work) 12:50 Using ScanDir() and FileGetContents(), to explore the filesystem 14:50 Identifying we are probably running as the Dali User (Unintended Path) 17:00 Downloading which is a private key to a webserver 21:40 Using the to generate client certificates to access the HTTPS Page 30:25 Weird it didn t work, lets just verify all our certificates are good 32:28 This time it worked We connected to the server 33:20 Failing to add the certificate to BurpSuite 33:50 Discovering F
|
|