Myvideo

Guest

Login

HackTheBox - JSON

Uploaded By: Myvideo
2 views
0
0 votes
0
AboutShareDownloadAdd to

00:52 - Start of recon, NMAP 04:35 - Using SMBClient to look for OpenShares 04:50 - Examining the HTTP Redirect on the page 06:56 - Attemping default credentials 08:25 - Running GoBuster with PHP Extensions 12:45 - Examining the /api/ Requests made in BurpSuite 13:35 - Comparing Requests to notice one has a “BEARER“ Header. Researching exactly what it is. 14:45 - Examining the contents of BEARER/OAUTH2 by base64 decoding it. 15:50 - Inducing an error message by placing invalid base64, then trying to get a different error message by putting valid but unexpected bas64 16:50 - See a serialization error, pointing towards , then switching to Windows to install ysoSerial 22:54 - Creating a .net Deserialization exploit that will ping us 27:50 - Base64 encoding the exploit, starting tcpdump, and checking for code execution. Then editing our exploit use a PowerShell webcradle with Nishang to get a reverse shell 32:51 - Reverse Shell Returned, Running WinPEAS from

Share with your friends

Link:

Embed:

Video Size:

Custom size:

x
Share this video

Copy Link:

Google Plus

Add to Playlist:

Favorites
My Playlist
Watch Later
Add to
Favorites
My Playlist
Watch Later
Similar VideosComments
Адище с домен контроллером: HackTheBox MistWatch Video
2 weeks ago
00:58:07
Адище с домен контроллером: HackTheBox Mist
1 87%
Ищем индикаторы компрометации (IOC): HackTheBox Lockpick 4.0Watch Video
4 weeks ago
00:23:41
Ищем индикаторы компрометации (IOC): HackTheBox Lockpick 4.0
10 74%
Взломать библиотеку: HackTheBox EditorialWatch Video
3 weeks ago
00:09:36
Взломать библиотеку: HackTheBox Editorial
5 5%
Ловим дата-сатаниста на огурчик: HackTheBox BlurryWatch Video
4 weeks ago
00:18:39
Ловим дата-сатаниста на огурчик: HackTheBox Blurry
9 92%
Злые чашки или атака на сервер печати CUPS: HackTheBox EvilCUPSWatch Video
1 month ago
00:10:35
Злые чашки или атака на сервер печати CUPS: HackTheBox EvilCUPS
23 57%
От работы до рута: HackTheBox FreelancerWatch Video
1 month ago
00:30:39
От работы до рута: HackTheBox Freelancer
3 83%
CryptoCat Tier 0: HackTheBox Starting Point - 5 Machines - Full Walkthrough (for beginners)Watch Video
1 month ago
00:46:29
CryptoCat Tier 0: HackTheBox Starting Point - 5 Machines - Full Walkthrough (for beginners)
9 63%
I Played HackTheBox For 30 Days - Here's What I LearnedWatch Video
2 months ago
00:10:23
I Played HackTheBox For 30 Days - Here's What I Learned
1 95%
Насколько уязвим Dolibarr ERP/CRM: HackTheBox BoardLightWatch Video
1 month ago
00:08:55
Насколько уязвим Dolibarr ERP/CRM: HackTheBox BoardLight
14 64%
Заказываем себе командировку: HackTheBox SolarLabWatch Video
2 months ago
00:21:06
Заказываем себе командировку: HackTheBox SolarLab
10 44%
Проходим собеседование по Volatility: HackTheBox MellitusWatch Video
2 months ago
00:11:41
Проходим собеседование по Volatility: HackTheBox Mellitus
11 59%
Пентестим API: HackTheBox TwoMillionWatch Video
2 months ago
00:13:01
Пентестим API: HackTheBox TwoMillion
17 47%
Повышаемся через Capabilities: HackTheBox CapWatch Video
2 months ago
00:05:34
Повышаемся через Capabilities: HackTheBox Cap
36 58%
Раскручиваем XSS в SSRF/LFI: HackTheBox IntuitionWatch Video
2 months ago
00:29:05
Раскручиваем XSS в SSRF/LFI: HackTheBox Intuition
17 56%
Дырявый Outlook: HackTheBox MailingWatch Video
2 months ago
00:16:03
Дырявый Outlook: HackTheBox Mailing
24 35%
Уязвимость в Vault и Race Condition: HackTheBox SkyfallWatch Video
2 months ago
00:11:26
Уязвимость в Vault и Race Condition: HackTheBox Skyfall
19 46%
Как зарегистрироваться на платформе HackTheBoxWatch Video
3 months ago
00:10:06
Как зарегистрироваться на платформе HackTheBox
182 58%
Пробиваем TeamCity и Portainer: HackTheBox RunnerWatch Video
3 months ago
00:15:57
Пробиваем TeamCity и Portainer: HackTheBox Runner
22 66%
Hackers are looking at your websiteWatch Video
3 months ago
00:00:57
Hackers are looking at your website
20 69%
XSS, брут, мисконфиг: проходим HackTheBox FormulaXWatch Video
3 months ago
00:29:50
XSS, брут, мисконфиг: проходим HackTheBox FormulaX
43 26%
Прохождение машины HackTheBox WifineticTwo на #linux на русском языкеWatch Video
3 months ago
00:16:52
Прохождение машины HackTheBox WifineticTwo на #linux на русском языке
9 55%
Реверсим шерлок HackTheBox LockpickWatch Video
3 months ago
00:09:23
Реверсим шерлок HackTheBox Lockpick
8 21%
Прохождение машины HackTheBox Headless на #linux на русском языкеWatch Video
3 months ago
00:10:05
Прохождение машины HackTheBox Headless на #linux на русском языке
10 25%
Прохождение машины HackTheBox Bizness на #linux на русском языкеWatch Video
3 months ago
00:13:37
Прохождение машины HackTheBox Bizness на #linux на русском языке
4 17%
0 Comments
Guest