HackTheBox - Blocky
The STTY command I messed up was simply `stty rows ## cols ##`
01:15 - Begin Recon with Reconnoitre
03:15 - Examining findings from Reconnoitre
06:50 - Decompiling java Jar Files with JAD
08:18 - Using JD-GUI
10:33 - Running WPScan
12:10 - Manually enumerating wordpress users
12:43 - SSH To the box and PrivEsc
------ Box Completed, Below extra content (Some mistakes, pretty much do this live without prep)
15:30 - Rabbit hole, gaining access through FTP
17:09 - Finding Wordpress DB Password
18:33 - Switching to WWW-DATA by using phpMyAdmin Wordpress
20:10 - Generating a PHP Password for Wordpress
21:50 - Gaining code execution with Wordpress Admin access
25:40 - Shell as www-data
26:40 - Enumerating Kernel Exploits with Linux-Exploit-Suggester
30:10 - Attempting CVE-2017-6074 Dccp Kernel Exploit (Unstable AF)
2 months ago 00:33:44 1
3 months ago 00:27:16 1
3 months ago 02:00:43 1
3 months ago 00:20:43 1
3 months ago 00:36:09 1
3 months ago 00:30:39 1
3 months ago 00:13:24 1
3 months ago 11:21:04 1
4 months ago 07:22:03 1
4 months ago 00:41:25 4
5 months ago 05:30:24 3
5 months ago 01:02:06 14
5 months ago 00:16:21 18
5 months ago 02:09:39 12
6 months ago 00:15:02 1
6 months ago 00:13:41 1
6 months ago 00:46:30 1
6 months ago 00:09:21 1
6 months ago 00:39:17 7
6 months ago 00:42:37 10
6 months ago 02:34:35 10
6 months ago 00:52:33 9
6 months ago 00:46:53 7
7 months ago 01:21:40 6
