HackTheBox - Irked
Last video was missing about 2 minutes and cut off at 31:35. Sorry, was an extremely busy week and didn’t get to verify everything was good.
00:39 - Begin on Recon
01:39 - Starting a full nmap scan
04:15 - Discovery of IRC
04:35 - Manually looking at IRC
06:00 - Looking at the IRC to understand how to connect to an IRC Server
07:00 - Pulling the IRC Version and discovering the exploit
08:50 - Going into the history of the IRC Backdoor
09:45 - Manually exploiting the IRC Server
13:10 - Shell returned on the server
14:30 - Discovery of .backup which gives a steg password
16:45 - Logging in with djmardov
21:20 - Discovery of SetUID enabled custom binary, viewuser
23:25 - Using ltrace to see what the binary does, executes the file /tmp/listusers
23:50 - Getting a root shell
25:50 - Testing exploiting the binary with “who“, fails due to no setuid
27:50 - Looking at the binary within Ghidra
4 months ago 00:00:00 1
6 months ago 00:04:06 1
6 months ago 00:32:44 18
6 months ago 00:34:38 2
6 months ago 01:27:34 5
6 months ago 00:37:18 6
6 months ago 00:41:25 5
6 months ago 01:46:13 2
6 months ago 01:12:42 3
6 months ago 00:26:29 1
6 months ago 02:06:46 2
6 months ago 00:54:43 11
6 months ago 02:05:30 1
7 months ago 00:33:44 1
7 months ago 00:27:16 1
7 months ago 00:30:39 1
8 months ago 11:21:04 1
9 months ago 05:30:24 3
9 months ago 01:02:06 16
9 months ago 00:16:21 18
9 months ago 02:09:39 14
10 months ago 00:29:19 2
10 months ago 00:39:17 7
10 months ago 00:42:37 10
