all InfoSec news
HackTheBox - OnlyForYou
Aug. 26, 2023, 3 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap
03:20 - Discovering beta.only4you.htb
03:55 - Downloading the source, scanning with Snyk and discovering a File Disclosure vuln
05:15 - Demonstrating that os.path.join in python will do unexpected things if a path begins with slash
07:30 - Failing to get /proc/self/environ, not sure why we failed here
09:20 - Grabbing the nginx configuration to discover where the websites are stored, using the File Disclosure Vuln to leak source of main website
11:15 …
beta disclosure file hackthebox htb introduction nmap path proc python scanning snyk start things vuln
More from www.youtube.com / IppSec
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)