HackTheBox - Facts

IppSec · Beginner · 🔐 Cybersecurity · 2d ago

00:00 - Introduction
00:55 - Start of nmap
02:30 - Discovering it is Camaleon CMS based upon the theme url
04:00 - Looking at the cookie to see it is likely a RAILS App
06:00 - Discovering /admin, enumerating valid usernames by how long a login takes
09:40 - Playing with Mass Assignment spots in the application, failing the first few
13:10 - Exploiting mass assignment from the password reset and setting role to admin
16:30 - Discovering AWS Information in the admin panel, setting up the AWS CLI to use this endpoint then download a ssh key from S3
21:30 - Cracking SSHNG$6 with John because Hashcat doesn't have this yet
25:15 - Our user can run facter with sudo, looking at the GTFOBin and getting code execution
29:20 - Beyond Root: Exploiting CVE-2024-46987, which is a File Disclosure