Hack The Box Talkative

Views: 2

00:00 Intro 01:00 Start of nmap 02:45 Taking a look at websites, making note of all login prompts (bolt, rocketchat) 07:15 Start of looking at Jamovi, using the Rj Editor to execute code and get a reverse shell 09:10 Using cat to send files over the network to our box and viewing the boltadministration document 12:50 Taking a credential from the document and logging into Bolt CMS 13:40 Editing a theme in bolt to give us code execution 19:00 Using script to get a full PTY since python isn t on this box 20:40 Looking for passwords for bolt, finding a sqlite database 25:45 Getting the ip address of the box via the hostname command since ifconfig and ip were not on the box 26:40 Using, proc, net, tcp to get listening ports 29:20 Using the docker container to SSH into the host computer via its docker IP 31:25 Using ps ef forest to view running processes, can see inside docker containers to find mongo 34:50 Using bash to perform a portscan bas