HackTheBox Walkthrough - Responder (full) // Starting Point

A deep dive walkthrough of the responder machine on Hack The Box. Learn how to pentest & build a career in cyber security by starting out with beginner level walkthroughs like this! ------ Contents of video ------ 0:00 - Video Sponsor 1:04 - Intro 2:20 - Explaining nmap scan 6:58 - Web App Enumeration 9:50 - Identifying & explaining file inclusion vulnerabilities 15:40 - Explaining chaining RFI exploit with SMB 18:20 - Setting up responder 21:15 - Exploiting remote file inclusion to get password hashes 26:08 - Cracking password hashes 28:54 - Using cracked password hashes to authenticate to target 30:27 - Getting root flag Zero Point Security Courses (Affiliate Links): Red Team Ops - https://courses.zeropointsecurity.co.... C2 Development in C# - https://courses.zeropointsecurity.co.... Offensive Driver Development - https://courses.zeropointsecurity.co.... My GitHub Repo (with notes on topics used in this video): https://github.com/jakescheetz/OSCP Extra Resources on File Inclusion Vulnerabilities: Remote File Inclusion - https://www.zaproxy.org/docs/alerts/7/ Local File Inclusion - https://www.cobalt.io/blog/a-penteste... Real World Example // Attacking File Inclusion: https://www.netspi.com/blog/technical... NTLM Authentication in a security context, for beginners: https://www.crowdstrike.com/cybersecu... #hackTheBox #walkthrough #responder #tutorial #capturetheflag