HackTheBox - Acute
00:00 - Intro
01:00 - Start of nmap, the Server Header changes based upon DNS
04:00 - Navigating to the website, discovering the “New Starter Form“ which has some key information like a welcome password and username convention
07:00 - Password spraying the Powershell Web Access (PSWA), discovering a valid credential but wrong host, word document had another host which is valid for edavies
09:15 - Playing around in the PSWA
10:00 - Looking at hidden files, discovering c:\utils\ which states its a directory that is excluded by AV
12:00 - Making the mistake of running WinPEAS inside the PSWA
14:45 - Setting up ConPtyShell to get a proper PTY reverse shell on windows
15:40 - Making some light modifications to ConPtyShell in order to evade antivirus
16:50 - Getting the ConPtyShell and showing the colors/tab autocomplete
19:30 - Running WinPEAS to show another user is logged on (and the AV Exclusions)
21:55 - Switching to Metasploit, because it makes i
5 months ago 00:10:23 1
8 months ago 00:00:00 1
9 months ago 00:04:06 1
10 months ago 00:32:44 18
10 months ago 00:34:38 2
10 months ago 01:27:34 5
10 months ago 00:37:18 6
10 months ago 00:41:25 5
10 months ago 01:46:13 2
10 months ago 01:12:42 4
10 months ago 00:26:29 1
10 months ago 02:06:46 2
10 months ago 00:54:43 11
10 months ago 02:05:30 1
10 months ago 00:33:44 1
11 months ago 00:27:16 1
11 months ago 00:30:39 1
12 months ago 11:21:04 1
1 year ago 01:02:06 17
1 year ago 00:16:21 18
1 year ago 02:09:39 15
1 year ago 00:29:19 2
1 year ago 00:39:17 7
1 year ago 00:42:37 11
