- Видео 34
- Просмотров 6 142
Bsar | Cyber
Добавлен 7 июн 2023
Breaching Active Directory | TryHackMe
Study session, learning about breaching active directory and mitigation.
Room: tryhackme.com/r/room/breachingad
Module: tryhackme.com/module/hacking-active-directory
Background Music:
Creator Mix
Mellow - creatormix.com/album/mellow-61.html
Mellow 2 - creatormix.com/album/mellow-two-78.html
Tryhackme: tryhackme.com/p/Bsaro
Website: bsar-cyber.github.io/
0:00 - Intro
1:32 - Task 1: Intro to AD Breaches
4:24 - Connecting to AD network
9:40 - Task 2: OSINT and Phishing
12:55 - Task 3: NTLM Authentication Services
24:22 - Task 4: LDAP Bind Credential
37:56 - Task 5: Authentication Replay
52:26 - Task 6: Microsoft Deployment Toolkit
1:08:46 - Task 7: Configuration Files
1:15:48 - Conclusion - Mitigations
Room: tryhackme.com/r/room/breachingad
Module: tryhackme.com/module/hacking-active-directory
Background Music:
Creator Mix
Mellow - creatormix.com/album/mellow-61.html
Mellow 2 - creatormix.com/album/mellow-two-78.html
Tryhackme: tryhackme.com/p/Bsaro
Website: bsar-cyber.github.io/
0:00 - Intro
1:32 - Task 1: Intro to AD Breaches
4:24 - Connecting to AD network
9:40 - Task 2: OSINT and Phishing
12:55 - Task 3: NTLM Authentication Services
24:22 - Task 4: LDAP Bind Credential
37:56 - Task 5: Authentication Replay
52:26 - Task 6: Microsoft Deployment Toolkit
1:08:46 - Task 7: Configuration Files
1:15:48 - Conclusion - Mitigations
Просмотров: 346
Видео
Brainpan I | TryHackMe
Просмотров 2202 месяца назад
Reverse engineering brainpan.exe with Immunity Debugger and Mona. Then exploiting it with Buffer Overflow. Room: tryhackme.com/r/room/gatekeeper Buffer Overflow Prep Room: tryhackme.com/r/room/bufferoverflowprep Buffer Overflow guide by @TCMSecurityAcademy : ruclips.net/video/ncBblM920jw/видео.html Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix....
Gatekeeper | TryHackMe | Without Metasploit
Просмотров 1292 месяца назад
Reverse engineering gatekeeper.exe with Immunity Debugger and Mona. Then exploiting it with Buffer Overflow. Then we manually escalate privilege without metasploit. Commands cheatsheet: On Target Windows: xcopy "C:\Users atbat\AppData\Roaming\Mozilla\Firefox\Profiles\ljfn812a.default-release" "C:\Users\Share\firefox" /E /I I recommend typing \firefox on destination file to keep the copy tidy. M...
Brainstorm | TryHackMe | Immunity Debugger
Просмотров 1252 месяца назад
Reverse engineering chatserver.exe with Immunity Debugger and Mona. Then exploiting it with Buffer Overflow. Room: tryhackme.com/r/room/brainstorm Buffer Overflow Prep Room: tryhackme.com/r/room/bufferoverflowprep Tib3rius's scripts: github.com/Tib3rius/Pentest-Cheatsheets/blob/master/exploits/buffer-overflows.rst Resourceful playlist by The Cyber Mentor: ruclips.net/p/PLLKT MCUeix3O0DPbmuaRuR_...
Ultratech | TryHackMe
Просмотров 822 месяца назад
Room: tryhackme.com/r/room/ultratech1 Great Resource: API Injection: www.linkedin.com/pulse/api-pentesting-methodology-impartsecurity Command Injection: book.hacktricks.xyz/pentesting-web/command-injection Playlist: ruclips.net/p/PL1yiNT8X6SBERuJ_cDc7zb58RgjgURmsM Tryhackme: tryhackme.com/p/Bsaro LinkedIn: www.linkedin.com/in/babyka-saroeun/ Background Music: Creator Mix Mellow - creatormix.com...
Buffer Overflow Prep | TryHackMe
Просмотров 2022 месяца назад
Configure and testing the buffer overflow using Immunity Debugger. Probably the longest room I've ever done. I recommend break down the room description to bullet points and following it closely Room: tryhackme.com/r/room/bufferoverflowprep Resourceful playlist by The Cyber Mentor: ruclips.net/p/PLLKT MCUeix3O0DPbmuaRuR_4Hxo4m3G 2022 Video by The Cyber Mentor: ruclips.net/video/ncBblM920jw/виде...
Simple CTF | TryHackMe
Просмотров 953 месяца назад
Room: tryhackme.com/r/room/easyctf Playlist: ruclips.net/p/PL1yiNT8X6SBGin7MROe8Bbhv13sK4MI2g Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix.com/album/mellow-two-78.html Tryhackme: tryhackme.com/p/Bsaro
Internal | TryHackMe | With Executive Summary
Просмотров 393 месяца назад
Fun Room. Room: tryhackme.com/r/room/internal Offensive Pentesting Playlist: ruclips.net/p/PL1yiNT8X6SBFyv_ca6GpFAyZdlaDZxj2S Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix.com/album/mellow-two-78.html Tryhackme: tryhackme.com/p/Bsaro Timestamp: 00:00 Intro 04:28 Directory Busting & WordPress scan 07:25 Brute force WordPress 13:50 WordPress RCE ...
Relevant | TryHackMe
Просмотров 153 месяца назад
Giving up is not an option, so I kept trying. Room: tryhackme.com/r/room/relevant Offensive Pentesting Playlist: ruclips.net/p/PL1yiNT8X6SBFyv_ca6GpFAyZdlaDZxj2S Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix.com/album/mellow-two-78.html Tryhackme: tryhackme.com/p/Bsaro 00:00 Intro 06:22 Enumerate SMB shares 13:08 Gaining Foothold 38:12 First Ro...
CmesS | TryHackMe
Просмотров 323 месяца назад
Room: tryhackme.com/r/room/cmess CTF | TryHackMe Playlist: ruclips.net/p/PL1yiNT8X6SBGin7MROe8Bbhv13sK4MI2g Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix.com/album/mellow-two-78.html Tryhackme: tryhackme.com/p/Bsaro 00:00 Intro 02:20 Recon 04:30 Web page enumeration 09:40 Gaining foothold 11:42 Linpeas.sh & SSH 15:38 Priviesc to ROOT
Overpass 2 - Hacked | TryHackMe
Просмотров 403 месяца назад
Analyze pcap file on #wireshark to trace adversary footstep and hack back in to comprised server. Room: tryhackme.com/r/room/overpass2hacked Offensive Pentesting Playlist: ruclips.net/p/PL1yiNT8X6SBFyv_ca6GpFAyZdlaDZxj2S Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix.com/album/mellow-two-78.html Tryhackme: tryhackme.com/p/Bsaro 00:00 Intro & Tas...
ICE | TryHackMe | With & Without Metasploit to Root
Просмотров 503 месяца назад
Room: tryhackme.com/r/room/ice CTF | TryHackMe Playlist: ruclips.net/p/PL1yiNT8X6SBGin7MROe8Bbhv13sK4MI2g Resource: Kernel Exploit: github.com/SecWiki/windows-kernel-exploits/tree/master/MS14-040 Hackersploit's video using different Kernel exploit executable: ruclips.net/video/eIy69zUfbgI/видео.html Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix...
Basic Malware RE | TryHackMe
Просмотров 1693 месяца назад
Room: tryhackme.com/r/room/basicmalwarere Malware Analysis & Reverse Engineering: ruclips.net/p/PL1yiNT8X6SBEaoeQRP80KrOidI9OrwX9z Resource: Original Room Creator Write-Up: kamransaifullah.medium.com/malwaretech-hide-and-seek-challenges-writeup-57683a726cc7 Ghidra based and Python integer Write-up: hackmd.io/@tahaafarooq/tryhackme_basic_malware_re Install Ida: www.letsdefend.io/blog/how-to-inst...
MAL: REMnux - The Redux | TryHackMe | Prerequisite to Malware Analysis
Просмотров 723 месяца назад
Room: tryhackme.com/r/room/malremnuxv2 Malware Analysis & Reverse Engineering: ruclips.net/p/PL1yiNT8X6SBEaoeQRP80KrOidI9OrwX9z Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix.com/album/mellow-two-78.html Tryhackme: tryhackme.com/p/Bsaro
Daily Bugle | TryHackMe
Просмотров 304 месяца назад
Room: tryhackme.com/r/room/dailybugle Offensive Pentesting Playlist: ruclips.net/p/PL1yiNT8X6SBFyv_ca6GpFAyZdlaDZxj2S Background Music: Creator Mix Mellow - creatormix.com/album/mellow-61.html Mellow 2 - creatormix.com/album/mellow-two-78.html Tryhackme: tryhackme.com/p/Bsaro 00:00 Intro 02:05 Question 1 03:30 Question 2 06:22 Question 3 12:00 Initial Foothold 17:00 SSH 21:50 User Flag 23:00 Pr...
Trooper | SOC Challenges | TryHackMe
Просмотров 3374 месяца назад
Trooper | SOC Challenges | TryHackMe
Friday Overtime | SOC Challenges | TryHackMe
Просмотров 6484 месяца назад
Friday Overtime | SOC Challenges | TryHackMe
Eviction | SOC Challenges | TryHackMe
Просмотров 5514 месяца назад
Eviction | SOC Challenges | TryHackMe
Summit | SOC Challenges | TryHackMe
Просмотров 1,4 тыс.4 месяца назад
Summit | SOC Challenges | TryHackMe
Game Zone - With and Without Metasploit | TryHackMe
Просмотров 1064 месяца назад
Game Zone - With and Without Metasploit | TryHackMe
Incident Handling with Splunk | SOC Level 1 | TryHackMe
Просмотров 2865 месяцев назад
Incident Handling with Splunk | SOC Level 1 | TryHackMe
Splunk Basic | SOC Level 1 & Cyber Defense | TryHackMe
Просмотров 265 месяцев назад
Splunk Basic | SOC Level 1 & Cyber Defense | TryHackMe
ItsyBitsy (ELK) | SOC Level 1 | TryHackMe
Просмотров 205 месяцев назад
ItsyBitsy (ELK) | SOC Level 1 | TryHackMe
Investigating with ELK 101 | SOC Level 1 | TryHackMe
Просмотров 505 месяцев назад
Investigating with ELK 101 | SOC Level 1 | TryHackMe
Steel Mountain - With & Without Metasploit | TryHackMe
Просмотров 1085 месяцев назад
Steel Mountain - With & Without Metasploit | TryHackMe
wHEN I GOT TO THE SECOND ONE IT DID NOT WORK
copy 154[.]35.10[.]113 > go to Firewall Manager > Set the first tab to Egress (Connection going out) > Source IP: Any (Any of our IP in the network) > Paste 154[.]35.10[.]113 to Destination IP > Action: Deny. Essentially we want to deny any connection from our network to 154[.]35.10[.]113.
Nice one
Very nice walk through and helped me a lot with the thought process behind your decisions and what you were looking for, thank you, keep posting more :)
I’m sorry….am I misunderstanding when you say xex instead of exe?? Why??
Thank you!
thanks bro, so grateful
thx bro
great video bro
yo thanks for this it helped alot
Do not use the exploit[.]py from Tib3rius github, use his other one from Buffer Overflow Prep room. The send buffer section should goes like: s.send(bytes(buffer + " ", "latin-1")) Edit: Actually use all the script from Buffer Overflow Prep room tryhackme.com/r/room/bufferoverflowprep
For some reason my url doesn't work I pasted into cyberchef and it remained the same as input
Thank you for the video brother .
Thank u bro ,u helped me alots
Glad I could help!
Just subbed to you man, I had a question. Like for the very first question, how do you know its the MD5 that we need to block? Maybe thats a stupid question, but how do we just jump straight to that? That you for the video again, this was very nice!
Short answer: trial and error. Long answer: The goal here is to keep those samples from infecting the system/network. The first sample had a very few uniquely identifiable signature. It only gave us 3 hashes in different formats (MD5, SHA1, and SHA256). I used the MD5 hash to include it in the block list, but it's ok if you use other hash formats and input them into the block list, this is called signature based detection. However, blocking hashes is the most basic form of malware detection; a single character change within the sample can completely alter the string of hashes, rendering a manual hash block list sub optimal. That's why the room forces us to use other methods with other samples to create better endpoint detection and response, which applies a heuristic-based method to identify the pattern/behavior of the malware. Utilizing both methods of detection will create a more comprehensive/optimal response. Sigma rules are one real-life application of malware detection that you will encounter deeper into the learning path, such as SOC level II. Hope this helps! Thanks for watching.
Very helpful Thanks for sharing I enjoyed the lesson!
awesome! to see the strings I used “floss” but got horribly stuck on flag 3 haha. I also used “IDA Free”. Thanks for this video my friend, awesome!
i chose your video because you are the best at providing solutions and helping me understand. Thank you for this excellent video.
Happy to help!
Hy bruh could you help me to unlock my iphone lock Carrier,if it's possible please answer
LOL no, I don't want Mr. Tim Apple and Steve Macbook to haunt me in my sleep.