HackTheBox - Irked (Fixed)

OGFTM_qvtVI/default.jpg

Last video was missing about 2 minutes and cut off at 31:35. Sorry, was an extremely busy week and didn't get to verify everything was good.

00:39 - Begin on Recon
01:39 - Starting a full nmap scan
04:15 - Discovery of IRC
04:35 - Manually looking at IRC
06:00 - Looking at the IRC to understand how to connect to an IRC Server
07:00 - Pulling the IRC Version and discovering the exploit
08:50 - Going into the history of the IRC Backdoor
09:45 - Manually exploiting the IRC Server
13:10 - Shell returned on the server
14:30 - Discovery of .backup which gives a steg password
16:45 - Logging in with djmardov
21:20 - Discovery of SetUID enabled custom binary, viewuser
23:25 - Using ltrace to see what the binary does, executes the file /tmp/listusers
23:50 - Getting a root shell
25:50 - Testing exploiting the binary with "who", fails due to no setuid
27:50 - Looking at the binary within Ghidra

OGFTM_qvtVI/default.jpg
HackTheBox - Irked (Fixed) HackTheBox - Irked (Fixed) Reviewed by Anonymous on April 27, 2019 Rating: 5