HackTheBox - Busqueda

IppSec · Beginner ·🔐 Cybersecurity ·2y ago

00:00 - Introduction 01:00 - Start of the nmap 04:20 - Copying the request in burpsuite to a file so we can use FFUF to fuzz 06:00 - Just testing for SSTI 06:45 - Found two bad characters, putting a comment after a bad character to see where it is failing 08:20 - Discovering we can append to the string, then trying for executing code with print to test for eval statements 10:00 - Getting a reverse shell 15:00 - Reverse shell returned 17:00 - Looking at apache virtualhosts to discover a hidden vhost that is running gitea 19:00 - Finding creds in the .git folder which lets us run sudo 22:00 - Inspecting the docker containers to discover passwords in environment variables which lets us log into gitea as administrator and view the script we are running as sudo 25:30 - Discovering the system-checkup.py script is not using an absolute path, so we can execute a shell script in our CWD as root

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

Related AI Lessons

Synthesizing the Principles-Building Your Cohesive Security Blueprint

Learn to build a cohesive security blueprint by synthesizing key cybersecurity principles

Medium · Cybersecurity

Security Through Obscurity-A Clever Tactic, But a Terrible Strategy

Learn why Security Through Obscurity is a flawed strategy for protecting digital systems and what alternatives can be used instead

Medium · Cybersecurity

American Lending Center Data Breach Impacts 123,000 Individuals: What Financial Institutions Must…

American Lending Center's data breach affects 123,000 individuals, highlighting the need for financial institutions to prioritize cybersecurity

Medium · Cybersecurity

Secure by Design-Building Foundations, Not Fixing Flaws

Learn to prioritize security from the ground up to avoid costly fixes later, a crucial mindset for developers and cybersecurity professionals

Medium · Cybersecurity

Chapters (12)

Introduction

1:00 Start of the nmap

4:20 Copying the request in burpsuite to a file so we can use FFUF to fuzz

6:00 Just testing for SSTI

6:45 Found two bad characters, putting a comment after a bad character to see where

8:20 Discovering we can append to the string, then trying for executing code with p

10:00 Getting a reverse shell

15:00 Reverse shell returned

17:00 Looking at apache virtualhosts to discover a hidden vhost that is running gite

19:00 Finding creds in the .git folder which lets us run sudo

22:00 Inspecting the docker containers to discover passwords in environment variable

25:30 Discovering the system-checkup.py script is not using an absolute path, so we

Top 7 Free Cybersecurity Courses With Certificates | Learn Cybersecurity For Free | Simplilearn