00:00 - Intro
01:00 - Start of nmap, the Server Header changes based upon DNS
04:00 - Navigating to the website, discovering the “New Starter Form”, which has some key information like a welcome password and username convention
07:00 - Password spraying the PowerShell Web Access (PSWA), discovering a valid credential but on the wrong host; the Word document had another host, which is valid for edavies
09:15 - Playing around in the PSWA
10:00 - Looking at hidden files, discovering c:\utils\, which states it's a directory that is excluded by AV
12:00 - Making the mistake of running WinPEAS inside the PSWA
14:45 - Setting up ConPtyShell to get a proper PTY reverse shell on Windows
15:40 - Making some light modifications to ConPtyShell in order to evade antivirus
16:50 - Getting the ConPtyShell and showing the colors/tab autocomplete
19:30 - Running WinPEAS to show another user is logged on (and the AV Exclusions)
21:55 - Switching to Metasploit, because it makes i