DEVEL — HTB walkthrough

Nmap scan for ports, services and OS
First create a file using msfvenom
Now let’s put this on the server using FTP
Now we will make our new payload using aspx format
Putting it back on FTP so that it can run in the browser
use exploit/multi/handler
We have SeImpersonatePrivilege and SeAssignPrimaryTokenPrivilege
Background the process and use incognito
Enumerating privileges
Using exploit/windows/local/bypassuac_eventvwr
The exploit did not work, so we will go down the list and use the next one.
exploit/windows/local/ms10_015_kitrap0d
Getting root flag
Getting user flag
I renamed it to JP.exe and transferred using FTP.
Open a listener on 1234 in a different shell to see the process spawn.
