HackTheBox - Keeper
Published: 16 Jul 2024
00:00 - Introduction
01:00 - Start of box
02:00 - Checking out Request Tracker, login with default creds
06:30 - Finding a password in the user's description on RT
09:00 - Googling how to get KeePass passwords from memory
11:00 - Talking about how this exploit actually works, it's because of the textbox!
15:00 - Using strings on the dump file to show how the password looks in memory
20:30 - Searching the KeePass database, finding a PuTTY private key
23:00 - Converting the PuTTY key to OpenSSH
26:00 - Grabbing root
This was my first HTB, excited to see it here
Was just searching for CVEs for this one, but failed to look into default usernames and passwords.. Another great video, Ipp!
Ipp's a keeper
Thanks, this video really helped me out!
Every detail matters, I'm interested for sure no matter how long the video is
Yeah, I'm glad I just logged into Commando for this box, but it's nice to see how I could have done it in Linux.
Miss u and love u sir
very nice
Rødgrød med fløde is a Danish tongue twister for joking with foreigners. It is also a dish but it's like an inside joke in Denmark
I completely missed the password in the user comment, but got code exec through RT itself, you can define a custom action and run Perl code.
Also I was very lazy and just ran the Windows version of puttygen through Wine.
I was trying to do that but didn't use Perl code, could you share where you found that CVE? Didn't find anything more specific, just vague explanations
@superfadelito it's not a CVE, it's a feature. They're called Scrips in RT. You can assign an action to a trigger, for example when a ticket gets a comment, you can run a scrip.
Push!
What?! Crazy, I remember writing a whole article last year on how to extract those passwords from memory to then exploit them. Now I see this wrong and even a GitHub Python script for it. Lmao
Hey Ipp, who's your favorite SpongeBob character and why is it Squidward?
can you also do new blockchain challenges