HackTheBox - Chatterbox

_dRrvJNdP-s/default.jpg

01:18 - Begin of Recon
04:55 - Start of aChat buffer Overflow: Finding the exploit script with Searchsploit
07:24 - Begin of replacing POC's Calc Shellcode with what is generated from MSFVenom
14:30 - Whoops, erased too much out of POC. Lets correctly replace the shellcode this time and get a shell.
17:50 - Running PowerUp to find AutoLogon Credentials
20:05 - Running Code as Administrator
24:18 - First Privesc Method: Using Start-Process to execute commands as a different user because Invoke-Command did not work.
27:30 - Alternate way to read root.txt -- Alfred owns root.txt, so he can edit the files access list. Get-ACL to view access list and cacls to modify
33:12 - Summary of the box
### BOX DONE
34:37 - Doing the box with Metasaploit, Warning: Lots of fails.
43:10 - Using meterpreters PortFwd to bypass ChatterBox's firewall and access port 445
51:25 - Doing the box with Empire!
58:20 - Using Empire's Run_As module to execute commands as Administrator

_dRrvJNdP-s/default.jpg
HackTheBox - Chatterbox HackTheBox - Chatterbox Reviewed by Anonymous on June 16, 2018 Rating: 5