01:05 - Start of Recon + Finding dompdf
08:30 - PHP Wrappers + Failed testing for RCE
11:35 - Writing Python Program to automate file disclosure bug
18:40 - Finding WebDav Configuration + Uploading Files for RCE
25:50 - Modifying Sokar's Forward Shell (PTY over HTTP)
33:55 - Forward shell returned
38:50 - Using Squid to pivot to ports listening locally + NMAP via ProxyChains
47:48 - Getting nmap on Inception to speed up scanning private network
59:16 - Nmap results returned for 192.168.0.1, FTP Anonymous Login
1:01:15 - Finding TFTP as a Running Service
1:06:35 - Using TFTP to grab crontab & creating a pre-invoke apt script