HackTheBox - Busqueda

Name: HackTheBox - Busqueda
Uploaded: 2023-08-12T15:05:44Z
Channel: IppSec
Description: 00:00 - Introduction 01:00 - Start of the nmap 04:20 - Copying the request in burpsuite to a file so we can use FFUF to fuzz 06:00 - Just testing for SS...

IppSec · Beginner ·🔐 Cybersecurity ·2y ago

00:00 - Introduction 01:00 - Start of the nmap 04:20 - Copying the request in burpsuite to a file so we can use FFUF to fuzz 06:00 - Just testing for SSTI 06:45 - Found two bad characters, putting a comment after a bad character to see where it is failing 08:20 - Discovering we can append to the string, then trying for executing code with print to test for eval statements 10:00 - Getting a reverse shell 15:00 - Reverse shell returned 17:00 - Looking at apache virtualhosts to discover a hidden vhost that is running gitea 19:00 - Finding creds in the .git folder which lets us run sudo 22:00 - In…

Watch on YouTube ↗ (saves to browser)

Chapters (12)

Introduction

1:00 Start of the nmap

4:20 Copying the request in burpsuite to a file so we can use FFUF to fuzz

6:00 Just testing for SSTI

6:45 Found two bad characters, putting a comment after a bad character to see where

8:20 Discovering we can append to the string, then trying for executing code with p

10:00 Getting a reverse shell

15:00 Reverse shell returned

17:00 Looking at apache virtualhosts to discover a hidden vhost that is running gite

19:00 Finding creds in the .git folder which lets us run sudo

22:00 Inspecting the docker containers to discover passwords in environment variable

25:30 Discovering the system-checkup.py script is not using an absolute path, so we

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →