HackTheBox - iClean

Name: HackTheBox - iClean
Uploaded: 2024-08-03T15:00:13Z
Channel: IppSec
Description: 00:00 - Introduction 01:00 - Start of nmap 02:00 - Taking a look at the website 04:00 - Testing the Get a Quote feature for XSS 06:30 - Weaponizing the ...

IppSec · Beginner ·🔐 Cybersecurity ·1y ago

00:00 - Introduction 01:00 - Start of nmap 02:00 - Taking a look at the website 04:00 - Testing the Get a Quote feature for XSS 06:30 - Weaponizing the img src xss test by adding fetch to attempt to exfil the cookies 10:00 - Looking at the dashboard and seeing what features are available 13:00 - Discovering SSTI in the QR Code Feature, can do basic SSTI but any complex fails without any evasion 18:30 - Explaining the SSTI Evasion with Jinja2/Python 25:45 - Shell returned on the machine, discovering Consuela's password in MYSQL 29:45 - Consuela can run qpdf as rood, looking at the man page and …

Watch on YouTube ↗ (saves to browser)

Chapters (10)

Introduction

1:00 Start of nmap

2:00 Taking a look at the website

4:00 Testing the Get a Quote feature for XSS

6:30 Weaponizing the img src xss test by adding fetch to attempt to exfil the cooki

10:00 Looking at the dashboard and seeing what features are available

13:00 Discovering SSTI in the QR Code Feature, can do basic SSTI but any complex fai

18:30 Explaining the SSTI Evasion with Jinja2/Python

25:45 Shell returned on the machine, discovering Consuela's password in MYSQL

29:45 Consuela can run qpdf as rood, looking at the man page and discovering it can

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →