HackTheBox - Perfection

Name: HackTheBox - Perfection
Uploaded: 2024-07-06T15:01:01Z
Channel: IppSec
Description: 00:00 - Introduction 00:50 - Start of nmap 02:50 - Discovering the Weighted Grade Calculator which we will exploit 04:50 - Using FFUF to enumerate all b...

IppSec · Beginner ·🔐 Cybersecurity ·1y ago

00:00 - Introduction 00:50 - Start of nmap 02:50 - Discovering the Weighted Grade Calculator which we will exploit 04:50 - Using FFUF to enumerate all bad characters and discovering we can't send any symbols 07:10 - Quick bash one liner with JQ to URL Encode each line of our wordlist 09:30 - Discovering a New Line character breaks the search for Bad Characters, then getting a shell on the box 14:40 - Shell returned, looking at the source code and seeing the "Bad Character" filter was really a regex whitelist 18:50 - Discovering mail that says the password format in the database 21:50 - Using h…

Watch on YouTube ↗ (saves to browser)

Chapters (9)

Introduction

0:50 Start of nmap

2:50 Discovering the Weighted Grade Calculator which we will exploit

4:50 Using FFUF to enumerate all bad characters and discovering we can't send any s

7:10 Quick bash one liner with JQ to URL Encode each line of our wordlist

9:30 Discovering a New Line character breaks the search for Bad Characters, then ge

14:40 Shell returned, looking at the source code and seeing the "Bad Character" filt

18:50 Discovering mail that says the password format in the database

21:50 Using hashcat Bruteforce mode to crack the password

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →