HackTheBox - MonitorsThree

Name: HackTheBox - MonitorsThree
Uploaded: 2025-01-18T15:00:06Z
Channel: IppSec
Description: 00:00 - Introduction 01:00 - Start of nmap 04:20 - Examining Forgot Password to discover we can enumerate usernames and discover an SQL Error 05:04 - Sh...

IppSec · Beginner ·📊 Data Analytics & Business Intelligence ·1y ago

00:00 - Introduction 01:00 - Start of nmap 04:20 - Examining Forgot Password to discover we can enumerate usernames and discover an SQL Error 05:04 - Showing why union injections aren't going to help us, then showing SQLMap 08:40 - Start of talking about error injection 11:20 - Dumping the database, table and column information from information_schema via errors caused by EXTRACTVALUE 21:50 - Logging into the website, not discovering anything really useful to us 22:30 - Testing our credentials against CACTI, which is version 1.2.26 and vulnerable to CVE-2024-25641 27:10 - Shell returned, dumpi…

Watch on YouTube ↗ (saves to browser)

Chapters (12)

Introduction

1:00 Start of nmap

4:20 Examining Forgot Password to discover we can enumerate usernames and discover

5:04 Showing why union injections aren't going to help us, then showing SQLMap

8:40 Start of talking about error injection

11:20 Dumping the database, table and column information from information_schema via

21:50 Logging into the website, not discovering anything really useful to us

22:30 Testing our credentials against CACTI, which is version 1.2.26 and vulnerable

27:10 Shell returned, dumping the cacti database to get more credentials

36:50 Forwarding 8200 to us, and accessing duplicati's interface

39:00 Discovering an auth bypass in duplicate when you have access to the database

44:50 Backing up a crontab that has a reverse shell in it, then restoring it to the

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →