HackTheBox - Acute
00:00 - Intro
01:00 - Start of nmap, the Server Header changes based upon DNS
04:00 - Navigating to the website, discovering the “New Starter Form“ which has some key information like a welcome password and username convention
07:00 - Password spraying the Powershell Web Access (PSWA), discovering a valid credential but wrong host, word document had another host which is valid for edavies
09:15 - Playing around in the PSWA
10:00 - Looking at hidden files, discovering c:\utils\ which states its a directory that is excluded by AV
12:00 - Making the mistake of running WinPEAS inside the PSWA
14:45 - Setting up ConPtyShell to get a proper PTY reverse shell on windows
15:40 - Making some light modifications to ConPtyShell in order to evade antivirus
16:50 - Getting the ConPtyShell and showing the colors/tab autocomplete
19:30 - Running WinPEAS to show another user is logged on (and the AV Exclusions)
21:55 - Switching to Metasploit, because it makes i
2 months ago 00:33:44 1
3 months ago 00:27:16 1
3 months ago 02:00:43 1
3 months ago 00:20:43 1
3 months ago 00:36:09 1
3 months ago 00:30:39 1
3 months ago 00:13:24 1
3 months ago 11:21:04 1
4 months ago 07:22:03 1
4 months ago 00:41:25 4
5 months ago 05:30:24 3
5 months ago 01:02:06 14
5 months ago 00:16:21 18
5 months ago 02:09:39 12
6 months ago 00:15:02 1
6 months ago 00:13:41 1
6 months ago 00:46:30 1
6 months ago 00:09:21 1
6 months ago 00:39:17 7
6 months ago 00:42:37 10
6 months ago 02:34:35 10
6 months ago 00:52:33 9
6 months ago 00:46:53 7
7 months ago 01:21:40 6
