all InfoSec news
HackTheBox - Devvortex
April 27, 2024, 3 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap
03:45 - Discovering dev.devvortex.htb is a Joomla Page, showing JoomScan and enumerating version manually through manifests
07:00 - Looking for Joomla Exploits for version 4.2.6, discovering a way to view application config as an unauthenticated user
09:40 - Start of deep dive into the exploit, looking at commits on the day the advisory said this was patched
10:50 - Showing the fix just shows it is a mass assignment vulnerability, looking at …
application config deep dive dev dive exploit exploits hackthebox htb joomla nmap page start unauthenticated version
More from www.youtube.com / IppSec
HackTheBox - Analytics
1 month, 2 weeks ago |
www.youtube.com
HackTheBox - Manager
1 month, 3 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Chief Information Security Officer (CISO)
@ CSIRO | Adelaide, SA, AU
Cyber Security Engineer - Clearance Required
@ Logistics Management Institute | Remote, United States
Security Engineer, Infrastructure
@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
TS Senior Security Engineer
@ UL Solutions | Mumbai, Maharashtra, India
Security Operations Engineer
@ Fortis Games | Remote - United Kingdom
Senior Product Compliance Engineer
@ Element Biosciences | San Diego - Headquarters