HackTheBox Giddy Walkthrough Tutorial - Unifi Video Exploit

Channel:
United States Guided Hacking
Subscribers:
178,000
Published on ● Video Link: https://www.youtube.com/watch?v=phgxctCHyHw


Category:
Walkthrough
Duration: 17:35
3,144 views
0

Support us on Patreon: http://bit.ly/38mnveC
This is a penetration testing tutorial on how to complete the HackTheBox Giddy challenge, it involves SQL Injection, WinRM, cracking an NTLM hash and a privelage escalation vulnerability in Ubiquity Unifi Video

Timestamps:
0:00 Introduction
0:04 Finding open ports with nmap
0:36 Bruteforcing directories with dirsearch
1:58 Checking for sql injection
2:07 Using sqlmap and SMB relay to get user credentials
4:23 Cracking password hash using john
8:05 Using credentials on the PowerShell page
9:24 Exploiting unifivideo application

​HackTheBox Giddy Walkthrough Tutorial - Unifi Video Exploit
In the first part of this htb giddy tutorial, we start by opening the terminal and running nmap to scan the target server and determine what ports are opened. After finding a web server running http and https we go to them in browser and only find a static image on the page. So we proceed to run dirsearch to brute force possible path directories with a predefined word list and we find two directories called 'remote' which is an authentication page to a Windows PowerShell Web Access page however we do not have credentials so it is not useful for us, and 'mvc' which is a template page for a shopping website that might be interesting, so we go to a random product page and check if we can do a sql injection on the URL and we succeed, so we run sqlmap to do a sql injection attack to get a shell and setup a SMB relay with responder to intercept a query and receive the user login and password hash. With the password hash, john can crack it to obtain the real password.

With the credentials in hand we can go back to the PowerShell auth page and login successfully. Using the dir command we find a 'unifivideo' directory, so googling it we find it is exploitable and we can use it to do a local privilege escalation exploit. The unifi video application has a service that runs with admin permissions and when it starts and stops it attempts to execute a file under a directory which normal users can write to, so the unifi video exploit consists of making a malicious executable that will be run by the service, thus we can get the flag this way. You can find other tutorials on our guidedhacking forum. That wraps up this hackthebox walkthrough

Discussion: https://bit.ly/31t3iDv

This video is made by Ismael Vasquez Jr:

Website - https://ismaelvazquezjr.com
Twitter - https://twitter.com/IsmaelVazquezJr
Facebook - https://facebook.com/vazquezjrismael
Github - https://github.com/ismaelvazquezjr
LinkedIn - https://linkedin.com/in/ismael-vazquez-jr-a6abb119b

GH:
Donate on our Forum : http://bit.ly/2HkOco9
Support us on Patreon : http://bit.ly/38mnveC

Follow us on Facebook : http://bit.ly/2vvHfhk
Follow us on Twitter : http://bit.ly/3bC7J1i
Follow us on Twitch : http://bit.ly/39ywOZ2
Follow us on Reddit : http://bit.ly/3bvOB57
Follow us on GitHub : http://bit.ly/2HoNXIS
Follow us on Instagram : http://bit.ly/2SoDOlu



Other Videos By Guided Hacking


2020-08-08How to debug a Virtual Machine with WinDBG Tutorial - KeInitializeDpc
2020-08-05Practical Malware Analysis Ida Pro Tutorial Chapter 5 Lab 5
2020-07-29How to solve Pride #1 CrackMe Tutorial - Beginner Level
2020-07-26HackTheBox Irked Walkthrough - UnrealIRCd Exploit
2020-07-22How to Unpack Malware, How to use Imprec, How to find OEP
2020-07-18How to Hack Gwent - Witcher 3 Cheat Engine Tutorial
2020-07-15Practical Reverse Engineering 2 - Pg 35 Exercise 1 Sample J
2020-07-12How to Hack MineSweeper x32dbg Reversing Tutorial
2020-07-08Practical Malware Analysis Walkthrough - Chapter 1 Labs
2020-07-01Kernel Cheat Tutorial - IOCTL Communication Tutorial - Kernel2
2020-06-27HackTheBox Giddy Walkthrough Tutorial - Unifi Video Exploit
2020-06-20Practical Reverse Engineering Exercise 1 Solution Page 11
2020-06-17HackTheBox Blue Walkthrough Eternal Blue Exploit MS17-010
2020-06-13Simple Wordpress Web Shell Tutorial
2020-06-11Interrupt Descriptor Table Register Tutorial
2020-06-06How to make a C# Trainer With Memory.dll Tutorial
2020-06-05Rake rips the Evo
2020-05-30How to make a Kernel Driver - Setup & Hello World - Kernel1
2020-05-12CS420 7 - Virtual Memory & Multilevel Pointers Tutorial
2020-05-05How to make a Tibia Bot - MMO Botting Tutorial by Petko123 3/3
2020-04-28C# DLL Injector Tutorial C# How To Inject a DLL


Tags:
guidedhacking
sql injection
hackthebox giddy
htb giddy
hack the box giddy
hack the box
htb
hackthebox
unifi video
unify exploit
sql injection tutorial
giddy walkthrough
giddy tutorial
giddy
sql injection attack
unifi video exploit
ubiquiti networks