HacktheBox - RouterSpace

Name: HacktheBox - RouterSpace
Uploaded: 2022-07-09T15:09:49Z
Channel: IppSec
Description: 00:00 - Intro 01:00 - Start of nmap 02:20 - Downloading the APK 03:30 - Running apktool to decode the APK, examining files, don't get much info 05:30 - ...

IppSec · Beginner ·🔐 Cybersecurity ·3y ago

00:00 - Intro 01:00 - Start of nmap 02:20 - Downloading the APK 03:30 - Running apktool to decode the APK, examining files, don't get much info 05:30 - Finding a certificate in the application that gives up the host name 07:00 - Trying out another APK Decompiler, Bytecode Viewer 10:15 - Start of setting up Genymotion 12:00 - Setting up the phone, accidentally choosing an ancient version which won't work 14:00 - Dragging the app to install it to the phone, get an error have to manually look at log file 14:40 - Setting up a newer phone so we can install the apk 16:00 - Installing the APK 16:40 -…

Watch on YouTube ↗ (saves to browser)

Chapters (21)

Intro

1:00 Start of nmap

2:20 Downloading the APK

3:30 Running apktool to decode the APK, examining files, don't get much info

5:30 Finding a certificate in the application that gives up the host name

7:00 Trying out another APK Decompiler, Bytecode Viewer

10:15 Start of setting up Genymotion

12:00 Setting up the phone, accidentally choosing an ancient version which won't wor

14:00 Dragging the app to install it to the phone, get an error have to manually loo

14:40 Setting up a newer phone so we can install the apk

16:00 Installing the APK

16:40 Configuring our phone to go through BurpSuite

18:15 Changing burpsuite to listen on all hosts

19:00 Showing the app is now going through burpsuite, adding the hostname to our hos

21:30 Finding command injection in the communication between app and server, reverse

24:45 Putting an SSH Key on the box

28:20 Got a shell on the box digging through to figure out the SSH Server, finding s

33:20 Discovering the rules.v6 file for iptables likely isn't changed, discovering t

35:00 Running LinPEAS but curling it over ipv6, http.server didn't listen, switching

40:00 Running CVE-2021-3156, sudo baron samedit exploit

43:20 Using IPv6 with our bash reverse shell

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →