Dive into the BountyHunter walkthrough, where we break down an easy Linux machine step by step:
🔍 What We'll Learn:
- Discover XXE injection to read system files
- Use leaked PHP credentials for a foothold
- Auditing Python scripts and exploit vulnerabilities to escalate privileges.
Skills covered include Nmap enumeration, source code review, and XXE injection. Watch as we escalate from user to root and claim the flags! Perfect for beginner penetration testers sharpening their skills for the CBBH certification.
🎯 Don’t forget to like, subscribe, and hit the bell for more hacking walkthroughs!
------------------------------
Chris Alupulu's Socials:
Instagram: https://instagram.com/chrisalupului
X: https://x.com/chrisalupului
TikTok: https://tiktok.com/chrisalupului
Visit my website: https://alupului.com
My Recording Gear Used:
https://www.amazon.com/shop/chrisalupului/list/SFY2LSL7TUYR?ref_=aip_sf_cur_spv_ofs_d
Sponsors:
Interested in sponsoring my videos? Reach out to me at: [email protected]
------------------------------
TIMESTAMP:
00:00 Intro
00:29 Adding IP to hosts file
01:07 Nmap recon for open ports
02:13 Ffuf subdomain enumeration
03:00 Viewing website with Burp Suite
08:00 Feroxbuster directory recon
12:20 Discovered potential attack vector
25:20 SSH foothold established
26:55 Privilege escalation to root
32:00 Thoughts on bountyhunter
33:35 Outro
#ethicalhacking #htb #hackthebox #cybersecurity #cybersecuritytutorial #cybersecurityforbeginners #ethicalhacker #ethicalhackingtutorial #infosec
Think you're ready for a bigger challenge?
🔥 Hack The Box Pro Labs offer advanced, real-world network simulations like Dante, Offshore, and Cybernetics. Dive deep into hands-on environments built to level up your skills in hacking, Active Directory, and red teaming.
Perfect for sharpening your expertise and exploring real corporate network setups. Get started today
Affiliate Disclaimer:
This video includes affiliate links and if you use them, I may earn a small commission at no extra cost to you. 🔥 Thanks for supporting the channel!
👉 Hack The Box Affiliate Link 👈
https://hacktheboxltd.sjv.io/nXk647
What's My Recording Gear?
Amazon Storefront: https://www.amazon.com/shop/chrisalupului/list/SFY2LSL7TUYR?ref_=cm_sw_r_cp_ud_aipsflist_Q04ST9PYWP0G6F3VA2E0_1
DISCLAIMER: This video is intended for educational purposes only. All activities demonstrated in this video were conducted on legally authorized systems such as HackTheBox & TryHackMe. Unauthorized hacking, including attempts to gain unauthorized access to computers, servers, or other digital assets, is illegal and unethical. Always obtain proper permission before conducting any form of penetration testing or security research. The techniques shown here should only be used in ethical hacking environments, and I am not responsible for any misuse of the information provided.