HackTheBox - WhiteRabbit

Name: HackTheBox - WhiteRabbit
Uploaded: 2025-12-13T15:01:45+00:00
Channel: IppSec
Description: 00:00 - Introduction 01:00 - Start of nmap 05:10 - Playing with a JavaScript Client app (Vue) to get information to do recon and finding public /status/...

IppSec · Beginner ·🔐 Cybersecurity ·3mo ago

00:00 - Introduction 01:00 - Start of nmap 05:10 - Playing with a JavaScript Client app (Vue) to get information to do recon and finding public /status/ page 12:00 - Looking at the N8N Workflow with GoPhish 14:30 - Looking at the JSON Schema File that leaks a secret key and shows possible SQL Injection 18:00 - Using CyberChef to test the HMAC Key and confirm we can sign payloads 21:50 - Switching to Caido to show we can create WorkFlows on the Replay (repeater) functionality 25:20 - Creating a convert workflow to HMAC Sign all our requests 35:40 - Using the MITM Python Library to quickly writ…

Watch on YouTube ↗ (saves to browser)

Chapters (14)

Introduction

1:00 Start of nmap

5:10 Playing with a JavaScript Client app (Vue) to get information to do recon and

12:00 Looking at the N8N Workflow with GoPhish

14:30 Looking at the JSON Schema File that leaks a secret key and shows possible SQL

18:00 Using CyberChef to test the HMAC Key and confirm we can sign payloads

21:50 Switching to Caido to show we can create WorkFlows on the Replay (repeater) fu

25:20 Creating a convert workflow to HMAC Sign all our requests

35:40 Using the MITM Python Library to quickly write a proxy that would sign our req

45:20 SQLMap found the injection, dumping tables discovering a restic password

48:50 Using the restic CLI to download a backup, then cracking the 7z file. Cracking

57:00 On the box, we can run restic with sudo, use password-command to give us a roo

1:05:50 Finding the neo password generator, discovering it uses random insecurely to s

1:18:45 Adding milliseconds to our timestamp and then bruteforcing the password to get

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →