00:00 - Introduction
01:00 - Start of nmap
02:55 - Doing a full nmap scan, then scanning the minecraft ports with scripts to discover minecraft version
04:45 - Discovering this minecraft version is vulnerable to Log4j
06:50 - Extracting Java Version/Class Path/etc via Log4j
10:40 - Using the Log4j Shell POC to get a shell, this reflectively loads a Java Library
13:50 - Getting a reverse shell
15:00 - Discovering plugins on the server, copying the JAR over to our box and decompiling it to discover hardcoded credentials
20:20 - Using PowerShell to run a command as Administrator to get root
Support the originator by clicking the read the rest link below.
