Pentesting for n00bs: Episode 5 - Jerry

Written By The Cyber Mentor on Monday, Aug 19, 2019 | 02:48 PM

 
Get my:
25 hour Practical Ethical Hacking Course: https://www.udemy.com/course/practical-ethical-hacking/?referralCode=4A7D5EE973AFBCAD11C6
Windows Privilege Escalation for Beginners Course: https://www.udemy.com/course/windows-privilege-escalation-for-beginners/?referralCode=7CADEAA4AA3D5A1032AE

0:00 - Introduction and box overview
2:53 - Reviewing scan results
4:34 - Exploring port 8080
6:15 - Apache Tomcat default credentials
6:50 - Configuring Burp Suite
8:05 - Discussing Burp Suite intercepts, decoder, repeater, and intruder
11:30 - Building out a default credential list
13:15 - One line for loops for the win
16:10 - Using Burp intruder to test for default credentials
20:00 - Exploring Tomcat with found credentials
21:10 - Enumerating Tomcat, generating WAR reverse shells, and getting a shell
26:14 - Discussing post enumeration, certutil file transfers, Python HTTP servers, and improving a shell

❓Info❓
Need a Pentest?: https://tcm-sec.com
Learn to Hack: https://academy.tcm-sec.com

🔹The Cyber Mentor Merch🔹
https://teespring.com/stores/the-cyber-mentor

📱Social Media📱
Website: https://thecybermentor.com
Twitter: https://twitter.com/thecybermentor
Twitch: https://www.twitch.tv/thecybermentor
Discord: https://tcm-sec.com/discord
LinkedIn: https://www.linkedin.com/in/heathadams

💸Donate💸
Like the channel? Please consider supporting me on Patreon: https://www.patreon.com/thecybermentor
Support the stream (one-time): https://streamlabs.com/thecybermentor

Hacker Books:
Penetration Testing: A Hands-On Introduction to Hacking: https://amzn.to/31GN7iX
The Hacker Playbook 3: https://amzn.to/34XkIY2
Hacking: The Art of Exploitation: https://amzn.to/2VchDyL
The Web Application Hacker's Handbook: https://amzn.to/30Fj21S
Real-World Bug Hunting: A Field Guide to Web Hacking: https://amzn.to/2V9srOe
Social Engineering: The Science of Human Hacking: https://amzn.to/31HAmVx
Linux Basics for Hackers: https://amzn.to/34WvcXP
Python Crash Course, 2nd Edition: https://amzn.to/30gINu0
Violent Python: https://amzn.to/2QoGoJn
Black Hat Python: https://amzn.to/2V9GpQk

My Build:
LG 32GK850G-B 32" Gaming Monitor: https://amzn.to/30C0qzV
darkFlash Phantom Black ATX Mid-Tower Case: https://amzn.to/30d1UW1
EVGA 2080TI: https://amzn.to/30d2lj7
MSI Z390 MotherBoard: https://amzn.to/30eu5TL
Intel 9700K: https://amzn.to/2M7hM2p
G.SKILL 32GB DDR4 RAM: https://amzn.to/2M638Zb
Razer Nommo Chroma Speakers: https://amzn.to/30bWjiK
Razer BlackWidow Chroma Keyboard: https://amzn.to/2V7A0or
CORSAIR Pro RGB Gaming Mouse: https://amzn.to/30hvg4P
Sennheiser RS 175 RF Wireless Headphones: https://amzn.to/31MOgpu

My Recording Equipment:
Panasonic G85 4K Camera: https://amzn.to/2Mk9vsf
Logitech C922x Pro Webcam: https://amzn.to/2LIRxAp
Aston Origin Microphone: https://amzn.to/2LFtNNE
Rode VideoMicro: https://amzn.to/309yLKH
Mackie PROFX8V2 Mixer: https://amzn.to/31HKOMB
Elgato Cam Link 4K: https://amzn.to/2QlicYx
Elgato Stream Deck: https://amzn.to/2OlchA5

*We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.