HackTheBox - Interface

Uploaded By: Myvideo

Published on

15 May 2023

19 views

0

0 votes

0

About Share Download Add to

00:00 - Introduciton 00:50 - Start of nmap, navigating to the page and identifying the framework based upon 404 02:30 - Playing around looking at javascript source, not getting anything 04:30 - Playing around with ... I’m guessing file not found is the webserver, not actual code. 07:40 - Showing the difficulty of dirbusting API Servers 11:20 - Showing importance of updating FeroxBuster 15:00 - Playing with the HTML2PDF endpoint and discovering we need to send a POST with HTML as an argument 18:20 - The PDF Generated has dompdf in the exif data searching for exploits 20:40 - Researching how CVE-2022-28368 works, then manually exploiting the vulnerabiltiy 28:50 - The CSS/Font is created, running the exploit and finding where the Font (PHP File) gets uploaded to 34:30 - Reverse shell returned 38:15 - Uploading pspy to examine how the box cleans itself up 40:20 - Discovering and exploiting Bash Arithmetic Injection

Share with your friends

Link:

Embed:

<iframe width="640" height="360" src="//myvideo.cc/embed/T0xrc1YxaXQ3WW9sSU4rOHVYWTJzQzBMcGhBSEJHRWtVYVgvakdTbzhXYz0" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>

Video Size:

Custom size:

x

Autoplay video

Hide player controls

Hide resume playing

Add to Playlist:

Favorites

My Playlist

Watch Later

I Played HackTheBox For 30 Days - Here's What I Learned

5 months ago

00:10:23

I Played HackTheBox For 30 Days - Here's What I Learned

1 13%

Хакерство для всех: понятные инструкции для начинающих | Иван Глинкин HydrAttack

8 months ago

00:00:00

Хакерство для всех: понятные инструкции для начинающих | Иван Глинкин HydrAttack

1 59%

Решаем Тред Ариадны | TINKOFF CTF 2024 | EASY

9 months ago

00:04:06

Решаем Тред Ариадны | TINKOFF CTF 2024 | EASY

1 93%

HackTheBox - Analytics

10 months ago

00:32:44

HackTheBox - Analytics

18 55%

HackTheBox - Manager

10 months ago

00:34:38

HackTheBox - Manager

2 23%

HackTheBox - AppSanity

10 months ago

01:27:34

HackTheBox - AppSanity

5 33%

HackTheBox - CozyHosting

10 months ago

00:37:18

HackTheBox - CozyHosting

6 89%

HackTheBox - Visual

10 months ago

00:41:25

HackTheBox - Visual

5 37%

HackTheBox - Drive

10 months ago

01:46:13

HackTheBox - Drive

2 9%

HackTheBox - Builder

10 months ago

01:12:42

HackTheBox - Builder

4 44%

HackTheBox - Keeper

10 months ago

00:26:29

HackTheBox - Keeper

1 11%

HackTheBox RegistryTwo

10 months ago

02:06:46

HackTheBox RegistryTwo

2 79%

HackTheBox - Clicker

10 months ago

00:54:43

HackTheBox - Clicker

11 12%

HackTheBox - Bookworm

10 months ago

02:05:30

HackTheBox - Bookworm

1 10%

Best Hacking Laptop 2023

10 months ago

00:33:44

Best Hacking Laptop 2023

1 34%

Top Hacking Books for 2023

10 months ago

00:27:16

Top Hacking Books for 2023

1 48%

Прохождение Linux-машины средней сложности SANDWORM HackTheBox | КАК ПРОЙТИ

11 months ago

00:30:39

Прохождение Linux-машины средней сложности SANDWORM HackTheBox | КАК ПРОЙТИ

1 59%

Bug Bounty Course 2024 Updated

11 months ago

11:21:04

Bug Bounty Course 2024 Updated

1 7%

George Hotz | Programming | Hack The Box | ctf practice for skill (should tomcr00se return)

1 year ago

05:30:24

George Hotz | Programming | Hack The Box | ctf practice for skill (should tomcr00se return)

3 94%

HackTheBox Zipping

1 year ago

01:02:06

HackTheBox Zipping

17 67%

HackTheBox - Sau

1 year ago

00:16:21

HackTheBox - Sau

18 24%

HackTheBox - Coder

1 year ago

02:09:39

HackTheBox - Coder

15 45%

Прохождение Linux-машины средней сложности SURVEILLANCE HackTheBox | КАК ПРОЙТИ

1 year ago

00:29:19

Прохождение Linux-машины средней сложности SURVEILLANCE HackTheBox | КАК ПРОЙТИ

2 62%

HackTheBox - Jupiter

1 year ago

00:39:17

HackTheBox - Jupiter

7 82%

0 Comments

Guest