Hack The Box Investigation

00:00 Introduction 01:00 Start of nmap 02:00 Start of gobuster 04:00 Discovering an upload form, looking for where things get uploaded 05:50 The upload gives us ExifTool output, including the version number to show it is vulnerable to CVE202223935 08:11 You should really watch The Perl Jam 08:40 Showing the weird syntax of perl s file open and how, leads to RCE 16:15 Back to the box, exploiting and getitng a shell 20:00 Reverse shell returned, looking at the uploaded files 22:35 Running LinPEAS to discover a cron 27:00 There s an outlook email message with an attachment. Copying it then converting to eml format and extracting the file 32:45 The file was an windows event log. Using Chainsaw to search through the logs 38:30 Using Chainsaw and JQ to parse the Successful and Failed logins 42:25 In the failed logins field, there s a password as a username and logging in as smorton 44:35 There s a binary on this b