HackTheBox - Code

Name: HackTheBox - Code
Uploaded: 2025-08-02T15:00:00Z
Channel: IppSec
Description: 00:00 - Introduction 00:50 - Start of nmap 01:50 - Navigating to the page and discovering we can run Python Code but there is a filter blocking certain ...

IppSec · Beginner ·🛡️ AI Safety & Ethics ·8mo ago

00:00 - Introduction 00:50 - Start of nmap 01:50 - Navigating to the page and discovering we can run Python Code but there is a filter blocking certain words 05:00 - Walking through filter evasion with python, showing loaded classes 07:45 - Calling popen to run a command 11:50 - Using List Comprehension in python to convert our multiline payload into a single line 14:30 - Looking at the database, grabbing the hash, cracking and switching users 16:00 - We can use sudo to run backy.sh with task.json, looking at the bash script to see we have a way to bypass the filter 20:10 - Having trouble expl…

Watch on YouTube ↗ (saves to browser)

Chapters (12)

Introduction

0:50 Start of nmap

1:50 Navigating to the page and discovering we can run Python Code but there is a f

5:00 Walking through filter evasion with python, showing loaded classes

7:45 Calling popen to run a command

11:50 Using List Comprehension in python to convert our multiline payload into a sin

14:30 Looking at the database, grabbing the hash, cracking and switching users

16:00 We can use sudo to run backy.sh with task.json, looking at the bash script to

20:10 Having trouble exploiting out of a temp directory, will explain later

24:50 Copying task.json to a different directory and it magically works

27:00 Explaining why we couldn't do this in a temp directory, sticky bit makes it a

35:20 Showing another way to root it, just ignore the ../ replacement and since bash

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →