HackTheBox - CriticalOps

Name: HackTheBox - CriticalOps
Uploaded: 2025-06-25T20:30:41Z
Channel: IppSec
Description: HackTheBox is running a Bug Bounty themed CTF, HackTheSystem June 27-29 2025. These challenges are all based on real bug bounty reports. There are two t...

IppSec · Beginner ·🔐 Cybersecurity ·9mo ago

HackTheBox is running a Bug Bounty themed CTF, HackTheSystem June 27-29 2025. These challenges are all based on real bug bounty reports. There are two teaser challenges that are out now! I'll showcase one of them, CriticalOps. HackTheSystem - Bug Bounty CTF: https://ctf.hackthebox.com/event/details/hack-the-system-bug-bounty-ctf-2508 HackTheSystem Teaser Playground: https://ctf.hackthebox.com/event/details/hack-the-system-bug-bounty-ctf-playground-2509 NovaEnergy Challenge w/ 0xdf: https://www.youtube.com/watch?v=Ru5toDyKNjg 00:00 - Introduction 01:30 - Looking at the challenge description…

Watch on YouTube ↗ (saves to browser)

Chapters (9)

Introduction

1:30 Looking at the challenge description

2:50 Examining the website, trying to identify how the website is configured

4:40 Registering an account

6:40 Playing with the ticket submission

8:00 Looking into the UUID

9:50 Examining the login request and noticing the server doesn't give us an auth co

11:30 Installing the JWT Editor Burpsuite Plugin and then forging a JWT as admin

13:00 Looking at the tickets as an admin and getting the flag

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →