HackTheBox - Analytics

IppSec · Beginner ·🧠 Large Language Models ·2y ago

Skills: Security Basics90%

0:00 - Introduction 01:00 - Start of nmap 03:20 - Discovering Metabase, noticing the HTTP Headers are different. Checking TTL just to see if it decrements from the main web page. 07:00 - Searching for an exploit for metabase, then enumerating version 09:30 - Manually exploiting Metabase by pulling the setup-token, then getting injection on the /setup/validate endpoint through the JDBC Driver 15:50 - Reverse shell returned 18:30 - Discovering credentials in the environment variables, then ssh into the box 20:12 - Googling the kernel to discover its vulnerable to GameOverlay 24:00 - Explaining the gameoverlay exploit (CVE-2023-23640, CVE-2023-32629) 25:50 - Stepping through the exploit manually to understand how the overlay fs works, and what the exploit did to abuse it 28:10 - Looking into the permissions of the binaries that were created

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: Security Basics

View skill →

AWS Security Agent (Preview) Overview - Frontier Agent for Proactive AppSec | Amazon Web Services

AWS Security Agent (Preview) Overview - Frontier Agent for Proactive AppSec | Amazon Web Services

Amazon Web Services

HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128

HOW FRCKN' HARD IS IT TO UNDERSTAND A URL?! - uXSS CVE-2018-6128

Secure Hash Algorithms Using Python- SHA256,SHA384,SHA224,SHA512,SHA1- Hashing In BlockChain

Secure Hash Algorithms Using Python- SHA256,SHA384,SHA224,SHA512,SHA1- Hashing In BlockChain

Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23

Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23

Configure and Deploy AWS Client VPN

Configure and Deploy AWS Client VPN

TryHackMe! Advent of Cyber - 2021 KICKOFF: 25 Days of Learning CYBERSECURITY

TryHackMe! Advent of Cyber - 2021 KICKOFF: 25 Days of Learning CYBERSECURITY

Related AI Lessons

Big Tech firms are accelerating AI investments and integration, while regulators and companies focus on safety and responsible adoption.

Big Tech firms are investing billions in AI infrastructure, driving growth and transformation in the field, with a focus on safety and responsible adoption

The Parallel Road: A Girl, A Machine, and the Architecture of Mind

Explore the intersection of artificial intelligence and human cognition through a unique narrative, understanding how AI systems mimic human thought processes

Dev.to · Seenivasa Ramadurai

Streaming AI Inference: The Software Fix That Cuts LLM Energy Bills

Optimize LLM inference energy bills with software fixes like continuous batching and KV-cache management, no new hardware needed

Dev.to · pickuma

I rebuilt my Financial Mentor retrieval from scratch. Here's everything the RAG stack taught me

Rebuilding a financial mentor retrieval system from scratch using the RAG stack reveals key lessons on hybrid search, CRAG, and adversarial evaluation

Dev.to · Saulo Linares

Chapters (11)

Introduction

1:00 Start of nmap

3:20 Discovering Metabase, noticing the HTTP Headers are different. Checking TTL ju

7:00 Searching for an exploit for metabase, then enumerating version

9:30 Manually exploiting Metabase by pulling the setup-token, then getting injectio

15:50 Reverse shell returned

18:30 Discovering credentials in the environment variables, then ssh into the box

20:12 Googling the kernel to discover its vulnerable to GameOverlay

24:00 Explaining the gameoverlay exploit (CVE-2023-23640, CVE-2023-32629)

25:50 Stepping through the exploit manually to understand how the overlay fs works,

28:10 Looking into the permissions of the binaries that were created

5 Levels of AI Agents - From Simple LLM Calls to Multi-Agent Systems

Dave Ebbelaar (LLM Eng)