HackTheBox - CozyHosting

Uploaded By: Myvideo

Published on

23 Apr 2024

3 views

0

0 votes

0

About Share Download Add to

00:00 - Introduction 01:00 - Start of nmap 03:10 - Identify JSESSIONID with nginx, but nginx appears to be configured correctly 06:00 - Googling the error message to identify the page uses SpringBoot, using a SpringBoot wordlist to find actuators! 10:30 - Using the Sessions Actuator and seeing a session for kanderson, logging in to get to the admin interface 14:15 - Finding RCE in the ExecSSH Page 23:20 - Shell on CozyHosting, looking at running services 26:00 - Examining the CozyHosting Jar to identify PostGres credentials then dumping the users table and cracking hashes 33:00 - Josh can run SSH with sudo, using proxy command to get root 34:10 - Explaining what ProxyCommand is

Share with your friends

Link:

Embed:

<iframe width="640" height="360" src="//myvideo.cc/embed/c1UzU0lvbFZBZGpRSHkvSEZpWklDckh0TkkwM1JFRXJxNWNpUVdwWnRicz0" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>

Video Size:

Custom size:

x

Autoplay video

Hide player controls

Hide resume playing

Add to Playlist:

Favorites

My Playlist

Watch Later

Хакерство для всех: понятные инструкции для начинающих | Иван Глинкин HydrAttack

2 weeks ago

00:00:00

Хакерство для всех: понятные инструкции для начинающих | Иван Глинкин HydrAttack

1 88%

Решаем Тред Ариадны | TINKOFF CTF 2024 | EASY

2 months ago

00:04:06

Решаем Тред Ариадны | TINKOFF CTF 2024 | EASY

1 24%

HackTheBox - Analytics

2 months ago

00:32:44

HackTheBox - Analytics

3 63%

HackTheBox - Manager

2 months ago

00:34:38

HackTheBox - Manager

1 46%

HackTheBox - AppSanity

2 months ago

01:27:34

HackTheBox - AppSanity

1 84%

HackTheBox - CozyHosting

2 months ago

00:37:18

HackTheBox - CozyHosting

3 12%

HackTheBox - Visual

2 months ago

00:41:25

HackTheBox - Visual

2 19%

HackTheBox - Drive

2 months ago

01:46:13

HackTheBox - Drive

1 87%

HackTheBox - Builder

2 months ago

01:12:42

HackTheBox - Builder

2 67%

HackTheBox - Keeper

2 months ago

00:26:29

HackTheBox - Keeper

1 22%

HackTheBox RegistryTwo

2 months ago

02:06:46

HackTheBox RegistryTwo

2 52%

HackTheBox - Clicker

2 months ago

00:54:43

HackTheBox - Clicker

6 38%

HackTheBox - Bookworm

2 months ago

02:05:30

HackTheBox - Bookworm

1 7%

Прохождение #Linux-машины , сложного уровня | #HackTheBox | КАК ПРОЙТИ #

2 months ago

00:36:09

Прохождение #Linux-машины , сложного уровня | #HackTheBox | КАК ПРОЙТИ #

1 46%

HackTheBox - Hospital

3 months ago

01:14:43

HackTheBox - Hospital

1.2K 80%

Best Hacking Laptop 2023

3 months ago

00:33:44

Best Hacking Laptop 2023

1 92%

Top Hacking Books for 2023

3 months ago

00:27:16

Top Hacking Books for 2023

1 17%

hack the box

3 months ago

02:00:43

hack the box

1 47%

Расследую инцидент взлома | #HackTheBox | КАК ПРОЙТИ #

3 months ago

00:20:43

Расследую инцидент взлома | #HackTheBox | КАК ПРОЙТИ #

1 91%

Прохождение Linux-машины средней сложности SANDWORM HackTheBox | КАК ПРОЙТИ

3 months ago

00:30:39

Прохождение Linux-машины средней сложности SANDWORM HackTheBox | КАК ПРОЙТИ

1 53%

Прохождение задания UNDER CONSTRUCTION на Google CTF 2023 | КАК ПРОЙТИ UNDER CONSTRUCTION GOOGLE CTF

4 months ago

00:13:24

Прохождение задания UNDER CONSTRUCTION на Google CTF 2023 | КАК ПРОЙТИ UNDER CONSTRUCTION GOOGLE CTF

1 76%

Bug Bounty Course 2024 Updated

4 months ago

11:21:04

Bug Bounty Course 2024 Updated

1 57%

George Hotz | Programming | Hack The Box | ctf practice for skill (should tomcr00se return)

5 months ago

05:30:24

George Hotz | Programming | Hack The Box | ctf practice for skill (should tomcr00se return)

3 61%

HackTheBox Zipping

6 months ago

01:02:06

HackTheBox Zipping

16 46%

0 Comments

Guest