Скачать с ютуб Hacking Education App from Hackthebox | HTB PermX Walkthrough | Ethical Hacking в хорошем качестве

Hacking Education App from Hackthebox | HTB PermX Walkthrough | Ethical Hacking

Join me as I take a deep dive into reconnaissance and exploitation on the PermX machine from Hack The Box! We’ll explore critical security flaws, using powerful tools like Nmap for port scanning and FFuF for subdomain discovery and directory enumeration. Our target is a learning management system (LMS) with unique vulnerabilities, providing an opportunity to practice real-world hacking techniques from initial access to privilege escalation. 🔍 What We'll Learn: Nmap Scanning: Discover open ports and services, focusing on SSH and Apache HTTP. Subdomain & Directory Enumeration: Map hidden subdomains and directories using FFuF. Vulnerability Analysis: Dive into vulnerability research, including specific CVEs. Reverse Shell Execution: Gain an initial foothold using a PHP reverse shell. Privilege Escalation: Run LinPEAS to identify writable directories, database credentials, and hash extractions for deeper access. Embark on this hacking journey with me as we help "V" enhance his job skills while sharpening our own cybersecurity expertise. This video is perfect for aspiring ethical hackers and Hack The Box enthusiasts! Don’t forget to like, subscribe, and turn on notifications to stay updated with more CTF content. TIMESTAMPS: 00:00 Introduction 00:55 Nmap scan 03:20 Burp Suite 03:30 eLearning website 08:30 FFuF enumeration subdomain scan 10:30 Subdomain service unavailable 12:05 FFuF enumeration directory scan 13:50 Searching through directories 15:28 FFuF enumeration directory on subdomain 16:15 Subdomain directory exploration 17:00 Subdomain documentation 17:35 LMS version discovery 18:30 LMS CVE vulnerability search 19:45 CVE discovery for RCE 22:00 PHP reverse shell mistake 23:50 Crafting curl command 26:00 PHP reverse shell correction 26:30 System breached 26:50 TTY shell upgrade 27:45 Setting up http server and downloading LinPEAS 30:40 Running LinPEAS 31:38 LinPEAS credential discovery 33:33 SSH user with credentials 34:45 sudo -l 35:40 acl script 37:10 Symlink 37:40 Privilege escalation to root 43:40 Outro Hashtags: #ethicalhacking #htb #hackthebox #cybersecurity #cybersecuritytutorial #ethicalhacker #ethicalhackingtutorial Affiliate Disclaimer: This video contains an affiliate link, which means I may earn a small commission if you sign up through the link below, at no extra cost to you. Your support helps me continue creating content! 👉 Hack The Box Affiliate Link 👈 https://hacktheboxltd.sjv.io/nXk647 DISCLAIMER: This video is intended for educational purposes only. All activities demonstrated in this video were conducted on legally authorized systems such as HackTheBox & TryHackMe. Unauthorized hacking, including attempts to gain unauthorized access to computers, servers, or other digital assets, is illegal and unethical. Always obtain proper permission before conducting any form of penetration testing or security research. The techniques shown here should only be used in ethical hacking environments, and I am not responsible for any misuse of the information provided.