Myvideo

Guest

Login

HackTheBox - AppSanity

Uploaded By: Myvideo
5 views
0
0 votes
0

00:00 - Introduction 01:00 - Start of nmap, showing 5985 isn't in the top1000 so doing a full port scan 04:40 - Taking a look at the MedDigi website 07:07 - Taking a look at the Signup Request seeing AcctType 09:30 - Changing the AcctType to 2 and getting a different privilege 14:00 - VHost enumeration shows the domain, using our pre-existing session from the main page on this domain to bypass login 17:52 - Discovering SSRF in the Prescriptions page 19:40 - Discovering the File Upload requires a PDF but checks the magic bytes so we can make a PDF Header on our file and upload ASPX Web Shells 25:30 - Going back to the SSRF and discovering we can use time-based queries to identify ports listening on localhost 28:30 - Using FFUF to filter by duration to show us the requests that don't take a long time 38:22 - Discovering port 8080 shows our upload location, then navigating to it and getting a shell 42:22 - Finding DLL's the webserver uses, they are

Share with your friends

Link:

Embed:

Video Size:

Custom size:

x

Add to Playlist:

Favorites
My Playlist
Watch Later