Raven1 VulnHub CTF Walkthrough - Boot-To-Root
Vložit
- čas přidán 15. 11. 2018
- Hey guys! HackerSploit here back again with another video, in this CTF episode we will be looking at how to Pwn Raven1 from VulnHub.
Links: www.vulnhub.com/entry/raven-1...
⭐Help Support HackerSploit by using the following links:
🔗 NordVPN: nordvpn.org/hacker
Use the link above or the code below for 77% Off your order
Promo Code: hacker
Patreon: / hackersploit
I Hope you enjoy/enjoyed the video.
If you have any questions or suggestions feel free to ask them in the comments section or on my social networks.
🔗 HackerSploit Website: hsploit.com/
🔗 HackerSploit Android App: play.google.com/store/apps/de...
🔹 Support The Channel
NordVPN Affiliate Link: nordvpn.org/hacker
Patreon: / hackersploit
🔹 Get Our Courses
Get a special discount on our courses:
The Complete Deep Web Course 2018:
www.udemy.com/the-complete-de...
🔹 SOCIAL NETWORKS - Connect With Us!
-------------------------------
Facebook: / hackersploit
Twitter: / hackersploit
Patreon: / hackersploit
--------------------------------
Thanks for watching!
Благодаря за гледането
Kiitos katsomisesta
感谢您观看
Merci d'avoir regardé
Grazie per la visione
Gracias por ver
شكرا للمشاهدة
دیکھنے کے لیے شکریہ
देखने के लिए धन्यवाद
#CTF#Vulnhub#Hacking - Věda a technologie
dude I've been struggling so much with the privesc part on this vm, thank you so much for the vid!
You are damn awesome bro, thanks for the videos.
These videos helps a lot to the beginners.
and one more thing
The way you explain things is quite awesome.
I've seen your video yesterday and subscribed and want to say that your channel is one of best channels, I've watched till now.
Raven 2 was much harder ! Can wait to see your solution ! Great stuff !
awesome work man ! love following your work
love the long vids man
Thanks mate!
Another CTF thank you so much.
Keep it up with your nice educative tutorials need to learn more about ethical hacking
Thank you,
To get wordpress work correctly with style sheet, just add the domain raven.local to the /etc/hosts
The line you need to is :
%IP_of_THE_RAVEN_MACHINE% raven.local
You are the best!!!!
Thank you!
i like these toturials ... thanks a lot.
Good work hackersploit
perfect explanation
Flag1 is in service page in source code, flag3 and 4 is in MySQL database
thank you
This may be a stupid question, but in OSCP, we are not allowed to use nikto, are we? Also, you should have looked for nmap to check if steven was allowed to run it. In most cases, python will do, for escalating into root. But when the normal user is able to run nmap, !sh will also do the case and is faster. Great video overall, ty!
Go on ✌
thanks
Just confused a bit, did you do anything with the les script that you downloaded? And if not, why did you download it?
If you forget the semicolon in mysql just enter ; at the next prompt
bro can you explain on how the shell shock attack works
Great but.. I'm still waiting for the announced URL masking video ahah, what happened to it?
Hi love your vids..If you ever get time can you do a vid on wifi-pumpkin and how to get round (mitmproxy==0.18.2 not satisfied) Seems to be a huge problem with alot of kali users after upgrading kali..apt-get install libssl1.0 and pip2 install mitmproxy==0.18.2 doesn't always work..Personally, the only time I ever got everything working was to install it on an old kali dist.without upgrading...Cheers man
Sir, How do you guess that flag 1 would be right there, I mean there are numerous files in numerous folders! Looking forward to your trick.
Hi, i have tried rooting this machine. But at my first glance I found a directory /vendor. This contains information about phpmailer, where version is: 5.2.16. According to searchsploit, every version below 5.2.20 is vulnerable. That was as far as i got with this, do you think this is worth pursuing? And how would you accomplish that? Thank you for an awesome channel btw! :)
किस प्रकार का सिस्टम आप इस्तेमाल करते है लिनक्स के लिए ।
मेरा सिस्टम dell का है जो स्लो हो जाता है। core i3 है।
Your browser is not the problem... once you edit the hosts file u get a proper display of WordPress...
WordPress is really horny when it comes to absolute URLs
@@SecretLetters 😅
How can I do Cleaning Tracks?
would be nice to post links to the github files used in the description
Great Video !!! Could you please tell us what are the tools you have used...
Uhm. He does. In the video.
I am not able to get the password for michael. And the password michael is showing incorrect.
Bro, how to detect honeypot????
I have a Question, let's imagine that someone searched "my ip" on Google and gave it to me, can i scan it in nmap or use it in metasploit? (to hack their machine). Just asking
Yes.
no
What is your laptop specs?
Can you share your recommended laptop for hacking? 😇😇
You can use any laptop with an i5, 8GB of RAM ( or less, depending on what you want to perform ).
Search always for the best CPU and RAM performance.
For wireless pentesting or something like this you can buy a wireless usb stick.
At last, look also about the motherboard performance.
That are my tips for you. Have a nice a day!
@@Kristofersolerfelsner I would also say look for SSD and good screen
Thanks
@@Kristofersolerfelsner i just bought msi i7 8gb ram, gtx 1050
I also want to play games sometimes 😁
@@nenogeen7153 i don't think an SSD it's fully necessary for start hacking xD btw, if you want a good performance, yes, an SSD it's recommended either.
really sorry but what is user and pass login raven, i'm newbie
Sir can you solve vulhub machine
How did you know Michael is user bro i didnt get it thx in advence and good djob
wpscan
thinks
Plz answer if u know ?
did not see flag1?
What is the login and password for raven 1
I can't understand how did you got root can someone explain to me plz
Ok so, with 'sudo -l' it showed that with the steven account, 'python' was usable as root
so through python he was able to get root to bash by using the simple os commands that allowed root to the '/bin/bash' file
Im awfullllllll at explaining but that might help
Speed 1.5x
what os is that?
ParrotOS
Hello hackersploit can u tell me ....that the bruteforce attack in Kali Linux for hacking Gmail's works correctly or not?
I think they fixed it, you should lower the amount of requests.
Means we have to select the lower number ie 3 to 5
?
@@jackjohn2619 Sorry to say but you can't brute force gmail noOw
They fixed it
You can try LazyBruter... github .com/thebrowserpirates/lazybruter
Hello am the first viewer
i feel so stupid, couldnt do anything by myself
Don't worry man, take it step by step. And do not compare yourself
@@HackerSploit the worst part is, as i have my private ip configured as 192.168.0.1 instead of 192.168.1.1 it didnt configure the right way, so i couldnt even look at the web page... i think thats why i couldnt do anything lol. thanks for the positive comment btw
Not hindi !!!😴
He's not indian.. bitch !