Solving Kioptrix Level 1.1 #2 (Vulnhub) Walkthrough

Be better than yesterday Penetration Tester by trade OSCE|OSCP|CREST This video shows how to solve the vulnerable machine Kioptrix level 1.1 #2 Kioptrix Level 1.1 #2 is a recommended vulnerable machine hosted on Vulnhub for Offensive Security OSCP preparation Kioptrix vulnerable machine can be downloaded from https://www.vulnhub.com/series/kioptr... Gemini Security Awesome Hacking T-Shirts - Support the channel: https://www.redbubble.com/people/Gemi... Key Concepts: Enumerating software versions with NMap and Metasploit auxiliary scanner module Fuzzing web application with Burp Suite Community Edition with public payloads Exploiting SQL Injection to bypass authentication Exploiting Remote Command Injection/Execution to get a foothold into the server Exploiting outdated Linux kernel with public exploit Timestamp 00:00 Intro 00:12 Nmap Enumeration 00:29 Identify Exploits for Apache 2.0.52 00:41 Visiting the Apache Web Server via Firefox Browser 01:02 Launching and Configuring Burp Suite HTTP Proxy 01:44 Identifying Login Request on Burp Suite 01:58 Configuring Burp Suite for HTTPS Web Pages 02:34 PayloadsAllTheThings for Fuzzing 02:54 Using Burp Suite Intruder for Fuzzing 03:23 Identifying SQL Injection via Content Length 03:55 Identifying Command Injection/Execution 04:27 Introducing PHP-reverse-shell.php in Kali 04:59 Exploiting Command Injection to execute PHP 05:27 Initial Foothold via PHP reverse shell 06:11 Identifying Kernel Exploit for Privilege Escalation 06:54 Pre-compiled Kernel Exploit Available 07:35 Rooted via Pre-compiled Kernel Exploit