HackTheBox - Love

Name: HackTheBox - Love
Uploaded: 2021-08-07T15:00:15Z
Channel: IppSec
Description: 00:00 - Intro 01:02 - Running nmap against all ports 04:55 - Attempting to enumerate the initial web page (Voting System) 08:00 - Nmap finished, checkin...

IppSec · Intermediate ·🛡️ AI Safety & Ethics ·4y ago

00:00 - Intro 01:02 - Running nmap against all ports 04:55 - Attempting to enumerate the initial web page (Voting System) 08:00 - Nmap finished, checking staging.love.htb from the SSL Certificate 10:05 - Finding an SSRF Vulnerability in the file scanner 12:30 - Having trouble using WFUZZ to fuzz all ports 17:45 - Switching to FFUF and still having trouble to fuzz all ports 24:30 - Fuzzing takes too long, trying ports from nmap to see if any page is restricted by IP and findig creds 29:45 - Attempting to use an exploit script for Voting System (More at end of video) 39:40 - Enough with the expl…

Watch on YouTube ↗ (saves to browser)

Chapters (13)

Intro

1:02 Running nmap against all ports

4:55 Attempting to enumerate the initial web page (Voting System)

8:00 Nmap finished, checking staging.love.htb from the SSL Certificate

10:05 Finding an SSRF Vulnerability in the file scanner

12:30 Having trouble using WFUZZ to fuzz all ports

17:45 Switching to FFUF and still having trouble to fuzz all ports

24:30 Fuzzing takes too long, trying ports from nmap to see if any page is restricte

29:45 Attempting to use an exploit script for Voting System (More at end of video)

39:40 Enough with the exploit script, manually exploiting the application with an im

43:43 Using Nishang to get a reverse shell, then running WinPEAS

52:30 Seeing AlwaysInstallElevated is set on the system, using msfvenom to build an

54:45 Box Done - Going back to the exploit script and getting it working

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →