VulnHub - Sokar

k6ri-LFWEj4/default.jpg

01:08 - Start of Recon (NetDiscover/Masscan/Nmap)
05:37 - Finding the CGI Script and using Shellshock
10:00 - Start creating ShellShock python script
16:08 - Converting script "Forward Shell" for FW Evasion with mkfifo
40:00 - Adding Threading (Background Task) to improve script
45:00 - Script completed - Attempt to enumerate FW Rules
49:00 - Fumbling around with IPv6 (Check out Sneaky Video for more)
53:25 - Reverse shell via IPv6 and ncat
01:05:00 - Reading Bynarr's mail to get password and PrivEsc via LIME/Memory Dum
p
1:07:20 - Unintended PrivEsc via ShellShock + Environment Variables
1:18:20 - Begin of MITM (Man in the Middle) First with Ettercap
1:24:19 - Installing Bettercap2 + Usage
1:33:40 - Spoofing ARP and DNS with BetterCap
1:41:11 - Privesc to root via Git on case-insensitive FS
1:53:30 - Woot root, lets take a look at the IPTable FW
1:56:00 - Explaining the exploit a bit better

k6ri-LFWEj4/default.jpg
VulnHub - Sokar VulnHub - Sokar Reviewed by Unknown on April 06, 2018 Rating: 5