HackTheBox - Inject

IppSec · Beginner ·🔐 Cybersecurity ·2y ago

00:00 - Introduction 00:58 - Start of nmap 01:45 - Trying to identify the technology running the webapp, 404 page reveals it is likely tomcat 03:00 - Running Gobuster, then checking out the page 04:00 - Uploading an image and discovering an file disclosure vulnerability 05:15 - Talking about how File Disclosures in Java can reveal directory listings, and grabbing pom.xml 07:45 - Using Snyk to identify vulnerabilities, but first we have to install Maven 10:45 - Exploiting CVE-2022-22963 Manually 11:55 - Playing with the exploit getting a reverse shell by dropping a file on the box (easy), then doing it without touching disk 18:30 - Shell as Frank, finding a password in the .m2/settings.xml file 19:50 - Shell as Phil 22:00 - Using find to show files owned by a group and finding a /opt/automation/tasks directory with ansible stuff 24:10 - Running Pspy to identify ansible is running on a cron job and executing any playbook in the automation directory 26:30 - Creating a playbook that sends us a shell

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →

HHC2016 - Analytics

HHC2016 - Analytics

HackTheBox - October

HackTheBox - October

HackTheBox - Arctic

HackTheBox - Arctic

HackTheBox - Brainfuck

HackTheBox - Brainfuck

HackTheBox - Bank

HackTheBox - Bank

HackTheBox - Joker

HackTheBox - Joker

HackTheBox - Lazy

HackTheBox - Lazy

Camp CTF 2015 - Bitterman

Camp CTF 2015 - Bitterman

HackTheBox - Devel

HackTheBox - Devel

Reversing Malicious Office Document (Macro) Emotet(?)

Reversing Malicious Office Document (Macro) Emotet(?)

HackTheBox - Granny and Grandpa

HackTheBox - Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Pivoting Update: Granny and Grandpa

HackTheBox - Optimum

HackTheBox - Optimum

HackTheBox - Charon

HackTheBox - Charon

HackTheBox - Sneaky

HackTheBox - Sneaky

HackTheBox - Holiday

HackTheBox - Holiday

HackTheBox - Europa

HackTheBox - Europa

Introduction to tmux

Introduction to tmux

HackTheBox - Blocky

HackTheBox - Blocky

HackTheBox - Nineveh

HackTheBox - Nineveh

HackTheBox - Jail

HackTheBox - Jail

HackTheBox - Blue

HackTheBox - Blue

HackTheBox - Calamity

HackTheBox - Calamity

HackTheBox - Shrek

HackTheBox - Shrek

HackTheBox - Mirai

HackTheBox - Mirai

HackTheBox - Shocker

HackTheBox - Shocker

HackTheBox - Mantis

HackTheBox - Mantis

HackTheBox - Node

HackTheBox - Node

HackTheBox - Kotarak

HackTheBox - Kotarak

HackTheBox - Enterprise

HackTheBox - Enterprise

HackTheBox - Sense

HackTheBox - Sense

HackTheBox - Minion

HackTheBox - Minion

VulnHub - Sokar

VulnHub - Sokar

VulnHub - Pinkys Palace v2

VulnHub - Pinkys Palace v2

HackTheBox - Inception

HackTheBox - Inception

Vulnhub - Trollcave 1.2

Vulnhub - Trollcave 1.2

HackTheBox - Ariekei

HackTheBox - Ariekei

HackTheBox - Flux Capacitor

HackTheBox - Flux Capacitor

HackTheBox - Jeeves

HackTheBox - Jeeves

HackTheBox - Tally

HackTheBox - Tally

HackTheBox - CrimeStoppers

HackTheBox - CrimeStoppers

HackTheBox - Fulcrum

HackTheBox - Fulcrum

HackTheBox - Chatterbox

HackTheBox - Chatterbox

HackTheBox - Falafel

HackTheBox - Falafel

How To Create Empire Modules

How To Create Empire Modules

HackTheBox - Nightmare

HackTheBox - Nightmare

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Nightmarev2 - Speed Run/Unintended Solutions

HackTheBox - Bart

HackTheBox - Bart

HackTheBox - Aragog

HackTheBox - Aragog

HackTheBox - Valentine

HackTheBox - Valentine

HackTheBox - Silo

HackTheBox - Silo

HackTheBox - Rabbit

HackTheBox - Rabbit

HackTheBox - Celestial

HackTheBox - Celestial

HackTheBox - Stratosphere

HackTheBox - Stratosphere

HackTheBox - Poison

HackTheBox - Poison

HackTheBox - Canape

HackTheBox - Canape

HackTheBox - Olympus

HackTheBox - Olympus

HackTheBox - Sunday

HackTheBox - Sunday

HackTheBox - Fighter

HackTheBox - Fighter

HackTheBox - Bounty

HackTheBox - Bounty

Related AI Lessons

Malware Through the Lens of Governance

Learn how the 1982 Elk Cloner malware pandemic can inform modern cybersecurity governance and risk management strategies

Medium · Cybersecurity

Synthesizing the Principles-Building Your Cohesive Security Blueprint

Learn to build a cohesive security blueprint by synthesizing key cybersecurity principles

Medium · Cybersecurity

Security Through Obscurity-A Clever Tactic, But a Terrible Strategy

Learn why Security Through Obscurity is a flawed strategy for protecting digital systems and what alternatives can be used instead

Medium · Cybersecurity

American Lending Center Data Breach Impacts 123,000 Individuals: What Financial Institutions Must…

American Lending Center's data breach affects 123,000 individuals, highlighting the need for financial institutions to prioritize cybersecurity

Medium · Cybersecurity

Chapters (14)

Introduction

0:58 Start of nmap

1:45 Trying to identify the technology running the webapp, 404 page reveals it is l

3:00 Running Gobuster, then checking out the page

4:00 Uploading an image and discovering an file disclosure vulnerability

5:15 Talking about how File Disclosures in Java can reveal directory listings, and

7:45 Using Snyk to identify vulnerabilities, but first we have to install Maven

10:45 Exploiting CVE-2022-22963 Manually

11:55 Playing with the exploit getting a reverse shell by dropping a file on the box

18:30 Shell as Frank, finding a password in the .m2/settings.xml file

19:50 Shell as Phil

22:00 Using find to show files owned by a group and finding a /opt/automation/tasks

24:10 Running Pspy to identify ansible is running on a cron job and executing any pl

26:30 Creating a playbook that sends us a shell

Top 7 Free Cybersecurity Courses With Certificates | Learn Cybersecurity For Free | Simplilearn