1
00:00:00,390 --> 00:00:02,760
Welcome to the first part of this course.

2
00:00:02,790 --> 00:00:09,330
So before we can actually dive into privilege escalation we need to actually have something to escalate

3
00:00:09,330 --> 00:00:10,950
privileges against.

4
00:00:10,950 --> 00:00:18,210
Now I weighed the decision pretty heavily on how I wanted to approach this the most economical way was

5
00:00:18,210 --> 00:00:24,990
to actually use a service somewhere to hack the box or try hack me or or one of those other services

6
00:00:24,990 --> 00:00:26,700
that are out there that have labs.

7
00:00:26,700 --> 00:00:30,620
This is because Windows requires you to have a license.

8
00:00:30,630 --> 00:00:35,520
You see a lot of Linux boxes out there for free will windows requires a license and licensing can be

9
00:00:35,520 --> 00:00:36,660
expensive.

10
00:00:36,690 --> 00:00:42,420
So instead of requiring licensing the cheaper alternative was to use a vulnerable site like hack the

11
00:00:42,420 --> 00:00:46,100
box and give instruction v this.

12
00:00:46,110 --> 00:00:52,170
So what we're gonna do is we're going to utilize hack the box now for the first portion of this course.

13
00:00:52,290 --> 00:00:54,870
You can actually run this on any Windows machine.

14
00:00:54,870 --> 00:00:57,100
We're just doing basic enumeration.

15
00:00:57,240 --> 00:01:00,760
But what we're gonna be doing here is we're going to simulate an attack.

16
00:01:00,900 --> 00:01:06,270
We're going to get lower level privileges on a machine and then we're going to do enumeration on that

17
00:01:06,270 --> 00:01:07,160
machine.

18
00:01:07,170 --> 00:01:12,550
Now you can forego all this and just do this from your command line on your own windows machine.

19
00:01:12,660 --> 00:01:16,760
Nothing malicious is going to be done during the enumeration process.

20
00:01:16,770 --> 00:01:23,040
However if you want to follow along step by step you will need to hack the box subscription so that

21
00:01:23,040 --> 00:01:27,120
will run ten dollars to thirteen dollars approximately.

22
00:01:27,120 --> 00:01:29,730
And if you've never used hack the box before.

23
00:01:29,730 --> 00:01:30,920
That's OK.

24
00:01:30,930 --> 00:01:34,510
It does require you to quote unquote hack your way in.

25
00:01:34,530 --> 00:01:42,030
However that is very easily Google will if you want to do some research and look on how to get a subscription.

26
00:01:42,090 --> 00:01:43,650
It's very very straightforward.

27
00:01:44,070 --> 00:01:50,070
So we're going to be utilizing this for the enumeration portion and then as we start to tackle machines

28
00:01:50,070 --> 00:01:54,450
and one off type vulnerabilities I'm going to be using different machines here to show you how that

29
00:01:54,450 --> 00:01:55,500
works.

30
00:01:55,590 --> 00:02:01,350
Now throughout the course my challenge to you is going to be to attempt the machine that I show you

31
00:02:01,710 --> 00:02:05,130
before actually watching the next video.

32
00:02:05,160 --> 00:02:09,990
So what we're going to be doing for this for example is we're gonna be spinning up this devil machine

33
00:02:10,020 --> 00:02:14,640
DTV deal and it lives at ten that ten that 10 to 5.

34
00:02:14,670 --> 00:02:18,720
So all you have to do is press the start button machine which I've already done.

35
00:02:18,720 --> 00:02:24,570
You just press Start button next to it get it spun up and then what you're going to do is go ahead and

36
00:02:24,570 --> 00:02:29,550
try to scan it use in map try to attack it see what happens.

37
00:02:29,550 --> 00:02:35,380
What I want you to do is try to get to the low level user and then meet me in the next video we're going

38
00:02:35,380 --> 00:02:36,540
to go through a walkthrough.

39
00:02:36,540 --> 00:02:38,270
After that we'll start the enumeration.

40
00:02:38,280 --> 00:02:43,170
So if you have any questions you want to see my methodology I'm going to cover that in the next video

41
00:02:43,200 --> 00:02:48,330
but I'm going to kind of do it kind of quickly again this is kind of more of a non beginner course we're

42
00:02:48,330 --> 00:02:51,430
kind of moving into the intermediate style level.

43
00:02:51,570 --> 00:02:57,150
So I almost expect you to be able to solve this first half and then meet me kind of in the middle where

44
00:02:57,150 --> 00:03:00,320
I teach you how to how to escalate the privileges.

45
00:03:00,330 --> 00:03:01,080
That makes sense.

46
00:03:01,080 --> 00:03:05,940
So every box that we do in this course I'm going to challenge you to go ahead and try to get to that

47
00:03:05,940 --> 00:03:09,560
low level user and then we'll work on escalating every box.

48
00:03:09,570 --> 00:03:12,290
We'll have a walkthrough in case you do get stuck.

49
00:03:12,300 --> 00:03:15,120
So what I'm going to do now is ask you to go ahead and try.

50
00:03:15,120 --> 00:03:16,040
Give it a go.

51
00:03:16,140 --> 00:03:21,690
And in the next video I'm going to show you how to get a low level user on this box and then we'll start

52
00:03:21,690 --> 00:03:26,010
working on enumeration and moving forward with our escalation tactics.