HackTheBox - Chemistry

Name: HackTheBox - Chemistry
Uploaded: 2025-03-08T15:00:30Z
Channel: IppSec
Description: 00:00 - Introduction shorter than normal since I did this blind 00:15- Start of nmap 01:00 - Looking at the webpage, see CIF Analyzer 02:56 - Finding an...

IppSec · Beginner ·🔐 Cybersecurity ·1y ago

00:00 - Introduction shorter than normal since I did this blind 00:15- Start of nmap 01:00 - Looking at the webpage, see CIF Analyzer 02:56 - Finding an exploit script, testing out with ping and getting a ping 06:00 - Having trouble getting a reverse shell, end up curling a file 11:00 - Reverse shell returned, playing around with the shell to try and figure out what happened 17:55 - Finding another webserver listening on 8080, can't access it 18:30 - Dumping the database, finding some other credentials 21:30 - Logging in as Rosa, my host didn't allow SSH Commandline, fixing it. Can now access…

Watch on YouTube ↗ (saves to browser)

Chapters (10)

Introduction shorter than normal since I did this blind

1:00 Looking at the webpage, see CIF Analyzer

2:56 Finding an exploit script, testing out with ping and getting a ping

6:00 Having trouble getting a reverse shell, end up curling a file

11:00 Reverse shell returned, playing around with the shell to try and figure out wh

17:55 Finding another webserver listening on 8080, can't access it

18:30 Dumping the database, finding some other credentials

21:30 Logging in as Rosa, my host didn't allow SSH Commandline, fixing it. Can now a

24:40 Finding an oldversion of aiohttp 3.9.1 is running, that is vulnerable to path

29:30 Showing the iptables rule that blocks a specific user from sending packets

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →