HackTheBox - Nibbles

s_0GcRGv6Ds/default.jpg

00:18 - Start of Recon
01:15 - Finding hidden directory via Source
02:15 - Downloading NibbleBlog to help us with finding version information
03:59 - Identifying what vresion of NibblesBlog is running
04:42 - Using SearchSploit to find vulnerabilities
05:36 - Examining the Exploit
06:08 - Explanation of exploit
07:25 - Attempting to find valid usernames for NibblesBlog
09:13 - Finding usernames in /content/private
10:15 - Using Hydra to attempt to bruteforce
14:08 - Oh crap. Hydra not good idea we're blocked...
-- Some minor panicing about how to continue
15:40 - Using SSH Proxies to hit nibbles from another box (Falafel)
18:20 - Guessing the password
20:10 - Logged in, lets attempt our exploit!
22:46 - Code Execution achieved. Lets get a reverse shell
24:53 - Reverse shell returned.
26:00 - Running sudo -l examine sudoer, then finding out why sudo took forever to return
26:50 - Privesc via bad sudo rules
32:10 - Alternative PrivEsc via RationalLove

s_0GcRGv6Ds/default.jpg
HackTheBox - Nibbles HackTheBox - Nibbles Reviewed by Anonymous on June 30, 2018 Rating: 5