all InfoSec news
HackTheBox - Ambassador
Jan. 28, 2023, 3 p.m. | IppSec
IppSec www.youtube.com
00:45 - Start of nmap
03:30 - Discovering Grafana and seeing it is ~2 years old
05:00 - Looking for exploits
06:00 - Manually performing the exploit
08:45 - Looking for interesting files, extracting Grafana config which lets us log in
12:55 - Extracting the SQLite3 Database in order to get the MySQL Password
15:30 - Logging into MySQL and getting SSH Creds from the whackywidget database
18:00 - Looking at the WhackyWidget application and discovering an …
ambassador application database exploit exploits files grafana hackthebox log logging mysql nmap old order password performing sqlite3 ssh start
More from www.youtube.com / IppSec
HackTheBox - Analytics
3 weeks, 6 days ago |
www.youtube.com
HackTheBox - AppSanity
1 month, 1 week ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Junior Cybersecurity Triage Analyst
@ Peraton | Linthicum, MD, United States
Associate Director, Operations Compliance and Investigations Management
@ Legend Biotech | Raritan, New Jersey, United States
Analyst, Cyber Operations Engineer
@ BlackRock | SN6-Singapore - 20 Anson Road
Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)
@ AVL | Regensburg, DE