HackTheBox - Blocky
The STTY command I messed up was simply `stty rows ## cols ##`
01:15 - Begin Recon with Reconnoitre
03:15 - Examining findings from Reconnoitre
06:50 - Decompiling java Jar Files with JAD
08:18 - Using JD-GUI
10:33 - Running WPScan
12:10 - Manually enumerating wordpress users
12:43 - SSH To the box and PrivEsc
------ Box Completed, Below extra content (Some mistakes, pretty much do this live without prep)
15:30 - Rabbit hole, gaining access through FTP
17:09 - Finding Wordpress DB Password
18:33 - Switching to WWW-DATA by using phpMyAdmin Wordpress
20:10 - Generating a PHP Password for Wordpress
21:50 - Gaining code execution with Wordpress Admin access
25:40 - Shell as www-data
26:40 - Enumerating Kernel Exploits with Linux-Exploit-Suggester
30:10 - Attempting CVE-2017-6074 Dccp Kernel Exploit (Unstable AF)
3 months ago 00:10:23 1
6 months ago 00:00:00 1
7 months ago 00:04:06 1
8 months ago 00:32:44 18
8 months ago 00:34:38 2
8 months ago 01:27:34 5
8 months ago 00:37:18 6
8 months ago 00:41:25 5
8 months ago 01:46:13 2
8 months ago 01:12:42 4
8 months ago 00:26:29 1
8 months ago 02:06:46 2
8 months ago 00:54:43 11
8 months ago 02:05:30 1
8 months ago 00:33:44 1
9 months ago 00:27:16 1
9 months ago 00:30:39 1
10 months ago 11:21:04 1
11 months ago 05:30:24 3
11 months ago 01:02:06 16
11 months ago 00:16:21 18
11 months ago 02:09:39 15
12 months ago 00:29:19 2
1 year ago 00:39:17 7
