HackTheBox - Introduction To Binary Exploitation Track Playlist: https://www.youtube.com/playlist?list=PLeSXUd883dhjnFXPf2QA0KnUnJnn9dPWy
▶️ YouTube: https://www.youtube.com/c/PinkDraconian
Patreon: https://www.patreon.com/PinkDraconian
Twitter: https://twitter.com/PinkDraconian
TikTok: https://www.tiktok.com/@pinkdraconian
ℹ️ LinkedIn: https://www.linkedin.com/in/robbe-van-roey-365666195/
Discord: PinkDraconian#9907
Instagram: https://www.instagram.com/robbevanroey/
Website: http://pinkdraconian.d4rkc0de.com/
HackTheBox: https://www.hackthebox.eu/home/users/profile/129531
Reddit: https://www.reddit.com/user/PinkDraconian
☁️ Steam: https://steamcommunity.com/id/PinkDraconian
GitHub: https://github.com/PinkDraconian
CTF: HackTheBox
Link: https://www.hackthebox.eu/
Category: Pwn
Challenge name: HTB Console
Difficulty: 4/10
00:00 Introduction
00:30 Checking out the binary
01:30 Opening in Ghidra
02:40 Finding the buffer overflow
03:30 Getting offset to RIP to know how much padding we need
05:00 Looking for bad function/instruction we can use in a ROP using objdump
06:50 We need to pass an argument using RDI, so we need a ROP chain
11:00 Finding a way to get a string in memory that we have a pointer to
...
https://www.youtube.com/watch?v=BQOInyDjfV0
DISCLAIMER: A small mistake was made when showing how to crack the rar. A '=' should be included between '--wordlist' and 'path/to/rockyou.txt'!
CTF: BambooFox CTF
Link: https://ctf.bamboofox.cs.nctu.edu.tw
CTFTime link: https://ctftime.org/event/953
Category: Misc
Challenge name: I can't see you!
Description: Can you know me? (all capital letters)
Difficulty: 2/10
Github with artefacts: https://github.com/PinkDraconian/CTF/tree/master/BambooFox%20CTF/Misc/I%20can't%20see%20you!
...
https://www.youtube.com/watch?v=sztKrWogFLg
CTF: AUCTF
CTF Link: https://ctf.auburn.edu/
CTFTime link: https://ctftime.org/event/1020
Category: Pwn
Challenge name: Thanksgiving Dinner
Description: I just ate a huge dinner. I can barley eat anymore... so please don't give me too much!
nc challenges.auctf.com 30011
Note: ASLR is disabled for this challenge
Difficulty: 4/10
Github with artefacts: https://github.com/PinkDraconian/CTF/tree/master/AUCTF/Thanksgiving%20Dinner
...
https://www.youtube.com/watch?v=-sdAjeTYJSA
I had a chance to work together with Google Bug Hunters on a video regarding HTTP Request Smuggling false positives. This is the result.
...
https://www.youtube.com/watch?v=7wq2e2nxa38
Platform: CyberSecLabs
Platform Link: https://www.cyberseclabs.co.uk/
Category: Machine
OS: Linux
Challenge name: Leakage
Difficulty: 1/10
00:00 Introduction
00:10 Nmap scan
00:23 Checking out GitLab on port 80, making an account
00:50 Checking out public projects on gitlab seeing a commit to config.php containing credentials
01:35 Testing credentials on gitlab
01:45 Access to a new project containing a private rsa key, which we use to ssh in as jonathan
02:30 Key has a password so let's crack the key with john and ssh2john
03:20 Uploading linpeas with scp
04:00 Running linpeas.sh
05:10 nano has SUID bit set, we can run it as root
06:00 Uploading public key to /root/.ssh/authorized_keys to ssh as root
...
https://www.youtube.com/watch?v=WeHYVYRjeg8