THREE– Starting Point – Hack The Box // Walkthrough // Kali Linux
Hellow guys, Welcome to my website, and you are watching THREE– Starting Point – Hack The Box // Walkthrough // Kali Linux. and this vIdeo is uploaded by GetCyber at 2024-02-03T09:38:16-08:00. We are pramote this video only for entertainment and educational perpose only. So, I hop you like our website.
Info About This Video
Name |
THREE– Starting Point – Hack The Box // Walkthrough // Kali Linux |
Video Uploader |
Video From GetCyber |
Upload Date |
This Video Uploaded At 03-02-2024 17:38:16 |
Video Discription |
Hey Purple Team, Dan here! Today we dive into the "Three" box, a part of the Hack The Box's Starting Point series using our Kali Linux. 🛡️ NMAP TUTORIAL 👉 https://www.youtube.com/watch?v=W7076RPIgfQ
We tackle the challenge of exploiting a server by uploading a PHP shell into Amazon Web Services (AWS) S3, leading to remote code execution (RCE) and ultimately, capturing the flag. This demonstration is not just about hacking into a system; it's about understanding the vulnerabilities that exist within cloud environments and how they can be mitigated.
We start by exploring the setup of "Three," a seemingly innocuous box that hides its vulnerabilities behind common web technologies. The goal here is to leverage a PHP shell upload vulnerability, a classic but potent attack vector, to gain unauthorized access to the server's inner workings.
The PHP Shell Upload:
The core of our attack involves uploading a malicious PHP script to the server's AWS S3 bucket. This script is not a simple file; it's a doorway through which we can execute commands on the server. We'll walk through how to craft this PHP shell, ensuring it's stealthy enough to bypass basic security measures.
Gaining Access:
With the shell uploaded, the next phase is triggering the script to execute. This step is where the magic happens – using the shell to execute arbitrary code on the server. We'll demonstrate how to interact with the shell, sending commands back and forth, and how to maintain a stable foothold within the server.
Remote Code Execution (RCE):
Remote Code Execution is the ability to run commands on a remote server. In the context of "Three," we exploit our uploaded PHP shell to run commands that explore the server's environment, search for vulnerabilities, and eventually find and display the coveted flag.
Capturing the Flag:
The climax of our journey is capturing the flag, a token hidden within the server that proves we've successfully exploited it using Kali Linux. We'll use our RCE capabilities to navigate the server's file system, locate the flag, and reveal it on screen.
🤓 Follow Me:
https://www.tiktok.com/@getcyber
https://www.linkedin.com/in/danduran-ca/
https://getcyber.me
#HackTheBox #CyberSecurity #kalilinux |
Category |
Science & Technology |
Tags |
Cyber Security | Cyber Learning | Cyber Security for Beginners | InfoSec | Tutorials | Courses | How to | learn cybersecurity | danduran | getcyber | Hack The Box Walkthrough | HTB three Starting point | cyber security course | cyber security tutorial | cyber security training for beginners | PHP Shell | Remote Code Execution (RCE) | kali linux |
More Videos