Nocturnal - HackTheBox (HTB) CTF Walkthrough
NTH Security
View ChannelAbout
No channel description available.
Video Description
HackTheBox Nocturnal CTF Walkthrough with explanation for beginners! This was a lovely box which demonstrated a ton of cool vulnerabilities! After some enumeration, we found a file storage service which had a major Insecure Direct Object Reference (IDOR) vulnerability. We chained this vulnerability with command injection to gain command execution. From there, we were able to gain an initial foothold by downloading an internal database, cracking a hash, and using SSH to gain access. Privilege escalation was a real treat, as we leveraged an internal web service running outdated software, allowing for code execution as root. HTB Machine - https://app.hackthebox.com/machines/Nocturnal My Github (More walkthroughs!) - https://github.com/NTHSec/CTF-Writeups My Medium (More walkthroughs!) - https://medium.com/@NTHSec -------------------------------------------------------------------------------------------------- Time Stamps: 0:00 - Intro 0:50 - Initial Nmap Scans 2:15 - Exploring the website functionality 5:15 - Using Gobuster and find Directories & PHP Pages 6:15 - Using Caido to intercept and analyze HTTP requests to the server 9:15 - Exploring the view.php functionality 10:30 - Explaining and exploiting an IDOR vulnerability on the username parameter 15:00 - Viewing and downloading amanda's file to uncover her password 16:40 - Exploring the admin panel and the PHP source code 20:30 - Breaking down the zip command for command injection 26:30 - Explaining how we can leverage a URL-encoded to run dangerous commands 29:40 - Exploring the file system with our command injection payload & getting a revshell 32:30 - Transferring the nocturnal database to our kali machine and exploring it. 33:45 - Cracking tobias' hash and SSHing in as tobias 35:45 - Running LinPEAS and exploring the LinPEAS output. 39:45 - Enumerating the open internal http port (8080) 44:00 - Finding an authenticated CVE to exploit ISPConfig to gain a root shell 46:20 - Getting a fully fledged root shell 47:30 - Outro
CTF Hacking Essentials
AI-recommended products based on this video
10.1 Inch Touch Portable Monitor IPS Screen 1366x768P 60Hz 400 Brightness 99% sRGB HDMI USB-C Monitors Switch for Xbox PS3/4/5 Laptop Compatible with Raspberry Pi, Mini Touch Screen
Firefly Variety 8 Pack - Fire Starter Accessory for Swiss Army Victorinox Knives (Neon Green-Yellow Glow)
