https://stream.echo6.co/videos/watch/8df70d12-58d5-4137-a975-7998c95b6000 00:00 - Introduction 01:00 - Start of nmap 02:55 - Doing a full nmap scan, then scanning the minecraft ports with scripts to discover minecraft version 04:45 - Discovering this minecraft version is vulnerable to Log4j 06:50 - Extracting Java Version/Class Path/etc via Log4j 10:40 - Using the Log4j Shell POC to get a shell, this reflectively loads a Java Library 13:50 - Getting a reverse shell 15:00 - Discovering plugins on the server, copying the JAR over to our box and decompiling it to discover hardcoded credentials 20:20 - Using PowerShell to run a command as Administrator to get root Fri, 17 Apr 2026 08:59:40 GMT https://validator.w3.org/feed/docs/rss2.html PeerTube - https://stream.echo6.co https://stream.echo6.co/client/assets/images/icons/icon-512x512.png https://stream.echo6.co/videos/watch/8df70d12-58d5-4137-a975-7998c95b6000 All rights reserved, unless otherwise specified in the terms specified at https://stream.echo6.co/about and potential licenses granted by each content's rightholder.