Want the WireShark Sticker? http://weirdstuffis.online

01:30 - Begin of Recon
02:25 - Enumerating OpenBSD Patch Date via SSH Version
04:00 - Examining port 80... Use Wireshark to see why NMAP gets a response but firefox does not
06:30 - Invalid Requests, will cause HTTP Service to send error message
07:00 - Using ldapsearch to enumerate ldap, use wireshark to see how the nmap script works
21:30 - Using SMBMap to PassTheHash and enumerate fileshares and download Putty Key
23:20 - Using PuttyGen to convert Putty Key to an RSA Key
24:55 - Testing out ssh_enumusers to see if that would have worked to get valid usernames
26:30 - Logged in as Alice, use LinEnum
28:40 - Examining doas configuration (like Sudo -l)
30:00 - Examining HTTPD Configuration to see why we couldn't hit the webserver earlier
32:30 - Examining SSHD Configuration to see SSH is configured to allow CA Signed Keys
34:40 - Getting hashes from SSH Keys to know what publics go to which privates
37:00 - Playing with the SSHAUTH webservice to enumerate what principals go to which users
41:45 - Signing a SSH Key using DoAs to sign a key with the root Principal
45:30 - Testing the key, explaining how this all works
47:30 - Unintended privesc, Xorg exploit