The Complete Pentesting & Privilege Escalation Course

Master Bandit level file discovery using the find command to locate hidden, not executable files and reveal passwords for escalating privileges.

Master bandit level techniques by applying strings, grep, sort, and unique to extract the next level password from a large data file near the word millionth.

Decode base64 data and apply rot13 decryption to reveal passwords for Bandit level progression. Analyze hex dumps from repeatedly compressed data to extract hidden strings.

Convert hex dump into a file, then decompress repeatedly using gzip, bzip2, and tar to reveal a password. Use a private key and netcat to advance to next Bandit level.

Solve bandit level 18 by using diff to reveal the password change between passwords_old and passwords_new, then SSH with a non-bash shell and read the readme for level 19.

Practice privilege escalation across bandit levels 19–21 by running sacred binaries, using bandit passes, and transferring passwords over localhost ports.

Explore how cron jobs schedule tasks, analyze bandit level 22 and 23 scripts, and extract the next level password from a temporary file using the current user context.

Bandit level 24 cron advanced shows how to build and deploy a custom shell script to /var/spool/bandit24, triggering cron to reveal the password stored in /tmp, enabling progression.

Learn to advance Bandit levels by brute-forcing a four-digit PIN, using netcat over a port and Python or bash scripts to automate the search and reveal the password.

Log into Bandit level 26 on localhost, use vim and the more command to view files and switch to bash. Extract the level 27 password and prepare to continue.

Explore git fundamentals in a hands-on bandit challenge, mastering cloning, branching, committing, pushing, and log inspection while uncovering secrets and password leaks in remote repositories.

Escape the uppercase Bandit shell by switching to expert bash, using shell commands, and retrieving the password to advance through the over the wire Bandit levels.

set up the wakanda ctf machine, import the virtual box image, and enumerate the target network using net discover or nmap to locate ports and capture three flags.

After gaining access, practice privilege escalation by identifying your user, spawning a shell via Python, and attempting to read flags by escalating from Mamadu to the dev ops user.

Explore sudo privilege escalation by using sudo -l to reveal permitted commands, and practice techniques with fake pip to obtain a reverse shell and root access.

Set up the Mr. Robot CTF environment in an Ubuntu 64-bit virtual box, configure the network, and scan the target with map, door buster, and WordPress login pages.

Explore WordPress login vulnerabilities in a CTF, compare wp admin and wp login, and perform a dictionary brute force with Hydra via Burp Suite to find a valid username.

Brute force a WordPress login using a provided dictionary to discover the Aleut password, then explore WordPress 4.3.25 vulnerabilities and potential post or reverse shell uploads for deeper access.

Discover how WordPress vulnerabilities can be exploited through file uploads and a reverse shell, test payload delivery, and begin privilege escalation on a compromised server.

Escalate privileges by switching to the robot user, decrypt a password, log in, spawn a shell, and capture the second flag, preparing for root access in the next lecture.

Demonstrate setuid privilege escalation on Ubuntu, search for binaries with the setuid bit, and gain root access through an interactive shell.

Log into the admin portal by inspecting the page source and following breadcrumbs from hints. Exploit the image upload feature to gain access and begin privilege escalation on the server.

Learn practical privilege escalation from the Apache user to admin by exploiting user binaries, cron jobs, and a Python-based reverse shell to gain elevated access.

Explore privilege escalation from an admin shell by decrypting password hashes with a Python script that decodes base64 and rot13, reverse engineering the cryptology workflow.

Demonstrate root privilege escalation by collecting passwords, switching users, and exploiting a do come binary to gain root access, then trigger a Python reverse shell to reveal the flag.

Learn how to enumerate a compromised system to gather information for privilege escalation using manual techniques. Inspect user identity, system version, and network details to spot escalation opportunities.

Explore kernel exploits and privilege escalation techniques used in real pentesting, examining manual and tool-assisted approaches, including Linux exploits, dirty cow, and exploit database workflows.

Explore password enumeration techniques by reviewing command history, searching for passwords with find and locate, and examining /etc/passwd and shadow file permissions for privilege escalation.

Explore how sudo, or pseud o list techniques, enable privilege escalation by running binaries as root, sometimes via interactive shells, and highlight misconfigurations and risks.

Explore suid privilege escalation by tracing binaries with strace, identify vulnerable execution paths, and craft code to gain root access via a setuid root shell.

Explore advanced file permissions and privilege escalation by examining environment variables and the path, and see how binaries such as service and Apache can be leveraged to escalate privileges.

Learn to exploit environment variables and path precedence by placing a root-owned executable in /tmp to shadow the Apache service, set UID 0, and spawn /bin/bash.

Demonstrate how cron jobs and the cronie service operate, read crontab fields, and explore privilege escalation by crafting a user script executed by root through a misconfigured schedule.

Focus on Windows privilege escalation and hacking Windows machines using hack the box and hack the bugs, and understand user groups, movement through them, and VIP membership requirements.

Learn to set up the Hack The Box VPN, download and connect via OpenVPN, access the devil Windows machine, and practice privilege escalation techniques.

Set up access to the dial machine and start with a fast port scan for information gathering. Explore retired Windows targets, VIP access, and walkthroughs to guide initial enumeration.

Demonstrate hacking a Windows machine by exploiting anonymous FTP access, uploading a reverse shell, and using Metasploit to establish a session for privilege escalation.

Explore Windows information gathering via interpreter and Windows shell, using system info, whoami, ipconfig, route print, and netstat, then search for passwords with findstr and scan services with sc query.

Turn collected system information into actionable privilege escalation suggestions by matching Windows version details to known vulnerabilities, using tools to generate a current vulnerability report and exploit suggestions.

Discover alternative tools for privilege escalation using an interpreter shell, run get system checks, and use post-exploit suggestions to identify local Windows and Linux exploits in practical scenarios.

Explore privilege escalation on a Windows machine by using exploit modules and session handling. Attempt administrator access, navigate to the desktop, and review Kitara Pod exploits and payload options.

Learn how to perform a potato attack to escalate privileges by impersonating tokens to obtain administrator access on Windows, using automated and manual methods.

Demonstrate manual privilege escalation on Windows by locating and exploiting vulnerabilities, downloading and deploying a payload, and obtaining a reverse shell to gain system privileges.

Discover how to access the cold fusion administrator dashboard by exploiting a directory traversal vulnerability, locating an administrator password, and logging in to explore the dashboard.

This lecture demonstrates uploading a JSP shell to the cold fusion administrator panel and triggering a reverse shell via scheduled tasks and a web server.