HackTheBox - Vessel

00:00 - Introduction talking about how this box is about finding CVE's and building an exploit based upon exploit 00:50 - Start of nmap 03:00 - Running gobuster and showing the importance of using multiple wordlists. 05:00 - Attempting to register an account, which shows the endpoint /api/register but /api/ returns a 404 06:10 - Showing that raft-small-words wordlist won't discover .git but will because commons has .git/HEAD 08:25 - Running Git-Dumper to extract the source then looking at the code 09:00 - Showing the vulnerable code and how secure the code appears at first glance without knowing specifics about the library 10:00 - Googling MySQLJS Sql Injection and showing how you would have found this exploit 11:30 - Showing how you could have found it blindly, passing an object into the SQL Query and doing SQL Injection on NodeJS with MySQL 19:00 - Logging in and finding OpenWebAnalytics version , finding a CVE and writeup for the vulnerability 22:30 -