HackTheBox - Fortune

IppSec · Beginner ·🖊️ Copywriting & Content Strategy ·6y ago

Skills: AI Security80%Defensive AI70%Prompt Craft60%

01:04 - Begin of recon 04:41 - Exploring the web page on port 80 06:02 - Using wfuzz to do a special character fuzz to identify odd behavior and discover command injection 11:06 - Creating a hotkey in Burpsuite to send requests in repeater pane 11:50 - Start of creating a python program to automate this 17:30 - Script finished 18:30 - Exploring /var/appsrv 21:15 - Exploring authpf 22:30 - Hunting for the signing key for the CA to view HTTPS 24:40 - Copying the certificates to our box 26:00 - Creating and signing a Client Certificate 28:50 - Importing the certificate into FireFox 30:49 - Discovering the reason our certificate isn't working (time of server is behind) 31:50 - Accessing the HTTPS Website to get a SSH key for NFSUSER 33:40 - Discovering additional ports are open after using SSH with NFSUSER 34:45 - Installing the NFS-COMMON package to get the showmount binary 35:10 - Mounting a NFS Share with Version 2 36:00 - Editing our User ID on our box to gain access to the NFS Directories 37:00 - Reading mail to discover that the root password is set to the Postgres databases root pw 37:30 - Testing if we could setup a SetUID Binary with this NFS (Check Jail Video for this being successful) 40:20 - SSH into the box as Charlie and dumping the database 43:40 - Exploring the source code to the web application 47:00 - Copying the crypto python script to our box, which will let us decrypt it 47:40 - Copying the secrets into the crypto python script and decrypting the password

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

More on: AI Security

View skill →

Managing Threat Intelligence with Cortex XSOAR

SECURE Your App with Roles and Permissions in Spring Security!

SECURE Your App with Roles and Permissions in Spring Security!

TheCodeAlchemist

Pete Bryan - Scaling Jupyter Notebooks for global scale security analysis | JupyterCon 2020

Pete Bryan - Scaling Jupyter Notebooks for global scale security analysis | JupyterCon 2020

Warning! Python Remote Keylogger (this is really too easy!)

Warning! Python Remote Keylogger (this is really too easy!)

Episode 9: Automating Single-Turn Attacks with PyRIT | AI Red Teaming 101

Episode 9: Automating Single-Turn Attacks with PyRIT | AI Red Teaming 101

Microsoft Developer

Secure Agent Authorization with OAuth 2.0 | Amazon Bedrock AgentCore | Amazon Web Services

Secure Agent Authorization with OAuth 2.0 | Amazon Bedrock AgentCore | Amazon Web Services

Amazon Web Services

Related AI Lessons

You know that feeling when you’ve written something brilliant, and nobody gets it?

Learn to make your writing more engaging and memorable, even when the idea is solid and logic is clear

The Soul Behind the Sentence

Learn to write with authenticity and courage to convey your unique voice

“Here’s a pillow the cat didn’t pee on”

Learn to reframe negative statements into positive and actionable ones to improve communication

Seth Godin's Blog

Wie oft sollte man einen Text vor Abgabe prüfen?

Learn how to effectively review and edit your writing to ensure clarity and accuracy, and why multiple checks are crucial before submission

Chapters (24)

1:04 Begin of recon

4:41 Exploring the web page on port 80

6:02 Using wfuzz to do a special character fuzz to identify odd behavior and discov

11:06 Creating a hotkey in Burpsuite to send requests in repeater pane

11:50 Start of creating a python program to automate this

17:30 Script finished

18:30 Exploring /var/appsrv

21:15 Exploring authpf

22:30 Hunting for the signing key for the CA to view HTTPS

24:40 Copying the certificates to our box

26:00 Creating and signing a Client Certificate

28:50 Importing the certificate into FireFox

30:49 Discovering the reason our certificate isn't working (time of server is behind

31:50 Accessing the HTTPS Website to get a SSH key for NFSUSER

33:40 Discovering additional ports are open after using SSH with NFSUSER

34:45 Installing the NFS-COMMON package to get the showmount binary

35:10 Mounting a NFS Share with Version 2

36:00 Editing our User ID on our box to gain access to the NFS Directories

37:00 Reading mail to discover that the root password is set to the Postgres databas

37:30 Testing if we could setup a SetUID Binary with this NFS (Check Jail Video for

40:20 SSH into the box as Charlie and dumping the database

43:40 Exploring the source code to the web application

47:00 Copying the crypto python script to our box, which will let us decrypt it

47:40 Copying the secrets into the crypto python script and decrypting the password

Why are our bodies never good enough?