Pentesting for N00bs - Jerry
Offered By: Cyber Mentor via YouTube
Course Description
Overview
Dive into the fifth episode of a penetration testing tutorial series focused on exploiting the "Jerry" box. Learn to analyze scan results, explore open ports, and leverage Apache Tomcat default credentials. Master Burp Suite configuration and features, including intercepts, decoder, repeater, and intruder. Discover techniques for building default credential lists and using one-line for loops. Practice using Burp intruder to test credentials, explore Tomcat with found access, and generate WAR reverse shells. Gain insights into post-exploitation enumeration, file transfers with certutil, setting up Python HTTP servers, and improving shell capabilities.
Syllabus
- Introduction and box overview.
- Reviewing scan results.
- Exploring port 8080.
- Apache Tomcat default credentials.
- Configuring Burp Suite.
- Discussing Burp Suite intercepts, decoder, repeater, and intruder.
- Building out a default credential list.
- One line for loops for the win.
- Using Burp intruder to test for default credentials.
- Exploring Tomcat with found credentials.
- Enumerating Tomcat, generating WAR reverse shells, and getting a shell.
- Discussing post enumeration, certutil file transfers, Python HTTP servers, and improving a shell.
Taught by
The Cyber Mentor
Related Courses
Ethical HackingIndian Institute of Technology, Kharagpur via Swayam Investigación en Informática Forense y Ciberderecho
University of Extremadura via Miríadax MSc Cyber Security
Coventry University via FutureLearn Network Security - Introduction to Network Security
New York University (NYU) via edX Network Security - Advanced Topics
New York University (NYU) via edX