Here you can watch HackTheBox - Cat for free or download it in the highest available quality; the video was uploaded to YouTube.
00:00 - Introduction
01:00 - Start of nmap
03:00 - Taking a look at the website, starting with the upload functionality
05:40 - Discovering the .git directory, using git-dumper to grab the source and examining the code behind upload to see it is likely not vulnerable
10:10 - Testing for XSS in the username, getting the admin cookie upon submitting a cat to the site
14:45 - Showing another way to do the XSS: bypassing a filter via HTML entity encoding
26:30 - Analyzing the code with Snyk and OpenGrep to find vulnerabilities and discovering SQL injection
31:40 - Using SQLMap to dump the database via a boolean injection, which is slow
39:20 - Showing we could manually exploit it quickly by dropping a file via SQLite injection
42:00 - Using SQLDump to dump hashes, then sending them to CrackStation to get rosa's password
44:45 - Discovering the application does logins via GET, which would put passwords in a log file; rosa is a member of adm and can read logs
46:20 - Logging in as Axel, discovering Gitea is running and setting up a port forward
48:00 - Exploiting an XSS in Gitea (CVE-2024-6886) by performing CSRF to grab pages of a sensitive repository
59:30 - Fixing up our exploit script, then grabbing the repo to get root's password