Pentesting for n00bs: Episode 5 - Jerry

Get my: 25 hour Practical Ethical Hacking Course: https://www.udemy.com/course/practica... Windows Privilege Escalation for Beginners Course: https://www.udemy.com/course/windows-... 0:00 - Introduction and box overview 2:53 - Reviewing scan results 4:34 - Exploring port 8080 6:15 - Apache Tomcat default credentials 6:50 - Configuring Burp Suite 8:05 - Discussing Burp Suite intercepts, decoder, repeater, and intruder 11:30 - Building out a default credential list 13:15 - One line for loops for the win 16:10 - Using Burp intruder to test for default credentials 20:00 - Exploring Tomcat with found credentials 21:10 - Enumerating Tomcat, generating WAR reverse shells, and getting a shell 26:14 - Discussing post enumeration, certutil file transfers, Python HTTP servers, and improving a shell ❓Info❓ ___________________________________________ Need a Pentest?: https://tcm-sec.com Learn to Hack: https://academy.tcm-sec.com 🔹The Cyber Mentor Merch🔹 ___________________________________________ https://teespring.com/stores/the-cybe... 📱Social Media📱 ___________________________________________ Website: https://thecybermentor.com Twitter:   / thecybermentor   Twitch:   / thecybermentor   Discord: https://tcm-sec.com/discord LinkedIn:   / heathadams   💸Donate💸 ___________________________________________ Like the channel? Please consider supporting me on Patreon:   / thecybermentor   Support the stream (one-time): https://streamlabs.com/thecybermentor Hacker Books: Penetration Testing: A Hands-On Introduction to Hacking: https://amzn.to/31GN7iX The Hacker Playbook 3: https://amzn.to/34XkIY2 Hacking: The Art of Exploitation: https://amzn.to/2VchDyL The Web Application Hacker's Handbook: https://amzn.to/30Fj21S Real-World Bug Hunting: A Field Guide to Web Hacking: https://amzn.to/2V9srOe Social Engineering: The Science of Human Hacking: https://amzn.to/31HAmVx Linux Basics for Hackers: https://amzn.to/34WvcXP Python Crash Course, 2nd Edition: https://amzn.to/30gINu0 Violent Python: https://amzn.to/2QoGoJn Black Hat Python: https://amzn.to/2V9GpQk My Build: lg 32gk850g-b 32" Gaming Monitor:https://amzn.to/30C0qzV darkFlash Phantom Black ATX Mid-Tower Case: https://amzn.to/30d1UW1 EVGA 2080TI: https://amzn.to/30d2lj7 MSI Z390 MotherBoard: https://amzn.to/30eu5TL Intel 9700K: https://amzn.to/2M7hM2p G.SKILL 32GB DDR4 RAM: https://amzn.to/2M638Zb Razer Nommo Chroma Speakers: https://amzn.to/30bWjiK Razer BlackWidow Chroma Keyboard: https://amzn.to/2V7A0or CORSAIR Pro RBG Gaming Mouse: https://amzn.to/30hvg4P Sennheiser RS 175 RF Wireless Headphones: https://amzn.to/31MOgpu My Recording Equipment: Panasonic G85 4K Camera: https://amzn.to/2Mk9vsf Logitech C922x Pro Webcam: https://amzn.to/2LIRxAp Aston Origin Microphone: https://amzn.to/2LFtNNE Rode VideoMicro: https://amzn.to/309yLKH Mackie PROFX8V2 Mixer: https://amzn.to/31HKOMB Elgato Cam Link 4K: https://amzn.to/2QlicYx Elgate Stream Deck: https://amzn.to/2OlchA5 *We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.