01:00 - Begin of recon
10:00 - Finding the vulnerable Wordpress Plugin
17:50 - Exploiting lcars plugin
28:30 - Logging into WP and Getting Reverse Shell
35:00 - Wordpress RevShell Returned
40:00 - Using Meterpreter to pivot and provide access to MySQL
50:00 - MySQL Shell Returned
52:00 - Logging into Joomla and Getting Reverse Shell
57:20 - Joomla Reverse Shell returned
59:00 - Getting Reverse Shell on Host OS (port 443)
1:02:00 - Shell Returned begin of local privesc recon
1:12:06 - Beging of Binary Exploitation
1:21:00 - Start writing exploit script
===== Extra Content ======
1:28:30 - Analyzing the PHP SQL Injection Scripts
1:36:30 - Viewing what SQLMap does to exploit this
1:40:00 - Stepping through Double Query Injection
1:47:20 - Writing our own SQL Injection Exploit Script