YouTube Excerpt: This a is a video walk-through of TryHackMe's Devie. If you prefer a written walk-through, you can find it here: https://readysetexploit.gitlab.io/home/thm/devie/ Buy Me A Coffee :) https://www.buymeacoffee.com/hadrian3689 Chapters: 0:00 Intro 1:30 Start of Nmap scan and results 3:50 Reviewing Website 6:30 Reviewing the source. Finding eval is being used 10:50 Running application locally for further testing 13:10 Confirming we have Remote Code Execution 16:00 Confirming Blind RCE with ping 17:15 URL-Encoding Reverse Shell payload 18:50 Access as Bruce. Reviewing notes. 20:00 Focusing on XOR encryption note and script 23:15 Revewing the XOR Plaintext Attack 26:10 Testing XOR Plaintext Attack 28:15 Decrypting Key with Cyberchef 29:00 Decrypting Key with Python 33:20 Decrypting Gordon's password with Python 34:30 Decrypting Gordon's password with Cyberchef 36:10 Manual enumeration as Gordon 37:00 Finding two interesting directories 38:50 Finding that files are being copies every minute 40:30 Finding bash script being run as root 41:20 Going over wildcard use in script 42:10 First way of getting root 49:50 Second way of getting root
This a is a video walk-through of TryHackMe's Devie. If you prefer a written walk-through, you can find it here:...
Curious about TryHackMe - Devie's Color? Explore detailed estimates, income sources, and financial insights that reveal the true scope of their profile.
color style guide
Source ID: 01CAiYM320I
Category: color style guide
View Color Profile ๐
Disclaimer: %niche_term% estimates are based on publicly available data, media reports, and financial analysis. Actual numbers may vary.
Sponsored
Sponsored
Sponsored