Solving Vulnerable Machines from VulnHub/ HackTheBox null Mumbai Public Puliya 28 April 2018 Solving Vulnerable Machines from VulnHub/ HackTheBox
Abstract
This Null Puliya session would walkthru the steps below which could be followed to find vulnerabilities, exploit these vulnerabilities and finally achieve system/ root.
Generally, we go through the following stages when solving a vulnerable machine:
- Finding the IP address
- Port Scanning
- Rabbit Holes?
- From Nothing to a Unprivileged Shell
- Unprivileged Shell to Privileged Shell In this session, we will walk-thru, what can be done in each separate stage. Will provide Tips and Tricks for solving vulnerable VMs. Additionally Infrastructure PenTest Series : Part 2 - Vulnerability Analysis could be referred for exploitation of any particular services (i.e. it provides information such as “If you have identified service X (like ssh, Apache tomcat, JBoss, iscsi etc.), how they can be exploited”).
Requirement:
- Laptop with Virtual box and a vulnerable Machine (Any)
- Would suggest to have the vulnerable machine running on Host Only Interface, so that we can directly start.
Speaker
Timing
Starts at Saturday April 28 2018, 10:10 AM. The sessions runs for about 6 hours.