UHC - Ransom

Name: UHC - Ransom
Uploaded: 2022-03-15T20:02:21Z
Channel: IppSec
Description: 00:00 - Intro 01:05 - Start of nmap, getting distribution by googling SSH/HTTP Server headers 02:40 - Checking out the web page and discovering it is a ...

IppSec · Beginner ·🔐 Cybersecurity ·4y ago

00:00 - Intro 01:05 - Start of nmap, getting distribution by googling SSH/HTTP Server headers 02:40 - Checking out the web page and discovering it is a Laravel PHP Application based upon the cookie 04:10 - Talking a little bit about Laravel Internals, and why our web request is going to the API Middleware is useful 05:50 - Showing that Laravel accepts data in the BODY even if it is a GET Request 08:25 - Changing our content type to JSON which will allow us to send JSON to the Laravel API 09:42 - Setting the password to the boolean true and bypassing login, explaining why === is important 12:4…

Watch on YouTube ↗ (saves to browser)

Chapters (13)

Intro

1:05 Start of nmap, getting distribution by googling SSH/HTTP Server headers

2:40 Checking out the web page and discovering it is a Laravel PHP Application base

4:10 Talking a little bit about Laravel Internals, and why our web request is going

5:50 Showing that Laravel accepts data in the BODY even if it is a GET Request

8:25 Changing our content type to JSON which will allow us to send JSON to the Lara

9:42 Setting the password to the boolean true and bypassing login, explaining why =

12:40 Logging into the application and discovering a zip file that is encrypted with

13:15 Showing where I got the inspiration for creating this challenge! An actual lea

15:15 Decrypting the zip with a known plaintext attack with bkcrack

22:50 Logging into the box with the SSH Key

23:30 Looking at the Laravel Source Code to find where the login function is and get

25:30 Showing the vulnerable function of the applicaiton, and that using three equal

Playlist

Uploads from IppSec · IppSec · 0 of 60

← Previous Next →