HackTheBox - Soulmate

Name: HackTheBox - Soulmate
Uploaded: 2026-02-14T15:00:47+00:00
Channel: IppSec
Description: 00:00 - Introduction 00:40 - Start of nmap 02:10 - Bruteforcing virtualhosts with ffuf 03:30 - Discovering CrushFTP, running nuclei which will get the v...

IppSec · Beginner ·🔐 Cybersecurity ·1mo ago

00:00 - Introduction 00:40 - Start of nmap 02:10 - Bruteforcing virtualhosts with ffuf 03:30 - Discovering CrushFTP, running nuclei which will get the version 04:50 - Playing with the soulmate.htb website while our recon runs 09:20 - Looking at CVE-2025-31161 which nuclei told us, its an exploit within CrushFTP then manually playing with the exploit 14:00 - Showing CrushFTP also leaks the version when requesting javascript files to load the page 17:00 - Finding a CVE that exploits this 21:00 - Showing we don't actually need to create a user with this exploit 27:30 - Changing the FTP Home Direc…

Watch on YouTube ↗ (saves to browser)

Chapters (14)

Introduction

0:40 Start of nmap

2:10 Bruteforcing virtualhosts with ffuf

3:30 Discovering CrushFTP, running nuclei which will get the version

4:50 Playing with the soulmate.htb website while our recon runs

9:20 Looking at CVE-2025-31161 which nuclei told us, its an exploit within CrushFTP

14:00 Showing CrushFTP also leaks the version when requesting javascript files to lo

17:00 Finding a CVE that exploits this

21:00 Showing we don't actually need to create a user with this exploit

27:30 Changing the FTP Home Directory to the root webserver, which will let us uploa

30:00 Shell on the box, looking at the database

34:40 Looking at running processes, discovering an erlang script

35:50 Unintended: Exploiting the erlang application though the erl shell

40:00 Exploiting CVE-2025-32433 which is a unauth poc against erlangs SSH Server

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →