HackTheBox - Shrek

tI592BjTd4o/default.jpg

01:00 - Nmap
02:23 - Examining the Web Page
04:08 - GoBuster
04:53 - Finding /uploads/ Directory
05:50 - Finding /secret_area_51/ Directory
06:20 - Using Audacity to find Steg in Audio
08:50 - FTP With Creds revealed from Steg
10:06 - Examining files downloaded from FTP
12:43 - Finding decryption key + blob
14:33 - Using Python seccure to decrypt ecc
16:05 - SSH Into Shrek as SEC
16:35 - Farquad Rabbit Hole
17:42 - Incident Response : Finding files modified between two times
20:47 - What is /usr/src/thoughts.txt?
21:45 - Privesc through cron running: chown *

tI592BjTd4o/default.jpg
HackTheBox - Shrek HackTheBox - Shrek Reviewed by Unknown on February 03, 2018 Rating: 5