HackTheBox - Intentions | allinfosecnews.com

Oct. 14, 2023, 3 p.m. | IppSec

IppSec www.youtube.com

00:00 - Introduction
01:00 - Start of nmap
02:30 - Looking at the login request, guessing it is Laravel based upon XSRF being in cookie and header
08:10 - Playing with updating genre and viewing feed to discover an error
10:04 - Opening up SQL Fiddle to explain what I think is going on, its using FIND_IN_SET
14:20 - Discovering space is a bad character and when this happens using the -- comment is bad
17:48 - Manually dumping the …

cookie discover error feed hackthebox header introduction laravel login nmap request sql start

More from www.youtube.com / IppSec

HackTheBox - Analysis 16 hours ago | www.youtube.com

analysis bruteforce can css +16

HackTheBox - Bizness 1 week ago | www.youtube.com

access authentication authentication bypass bypass +13

HackTheBox - Ouija 2 weeks ago | www.youtube.com

api cve domain ffuf +16

HackTheBox - Monitored 3 weeks ago | www.youtube.com

can community data default +7

HackTheBox - Napper 4 weeks ago | www.youtube.com

blog blog post bruteforce credentials +11

HackTheBox - Devvortex 1 month ago | www.youtube.com

application config deep dive dev +11

HackTheBox - Surveillance 1 month, 1 week ago | www.youtube.com

box cms exploit github +9

HackTheBox - Hospital 1 month, 2 weeks ago | www.youtube.com

can disabled docker files +16

HackTheBox - Codify 1 month, 3 weeks ago | www.youtube.com

blocked code code execution cracking +18

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com