Myvideo

Guest

Login

HackTheBox - BroScience

Uploaded By: Myvideo
13 views
0
0 votes
0

00:00 - Intro 00:51 - Start of nmap 02:30 - Finding some vulnerable-looking parameters 03:50 - Testing some basic things for LFI, finding a WAF blocking ../. Double encoding it to get passed 07:11 - Start of writing a script to abuse this LFI and crawl/download all the php source 10:30 - Making the script recursive, so it will check pages downloaded for new links 16:50 - Making the script save the files 19:40 - Opening the code in Visual Studio Code, and showing off Snyk's static code anlysis to highlight a Unserialization vuln 22:20 - Identifying how the site generates activation codes upon registration identifying an insecure use of SRAND(). Generating our own activation code 25:30 - Exploiting the PHP Unserialization by finding a vulnerable gadget (wakeup) which will save a file 27:45 - Building a deserialization object to download a file off our server and write it to the web directory 32:08 - EDIT: Talking about webserver hardening (allow_url_fopen in php) and how it

Share with your friends

Link:

Embed:

Video Size:

Custom size:

x

Add to Playlist:

Favorites
My Playlist
Watch Later