all InfoSec news
HackTheBox - Download
Nov. 11, 2023, 3:02 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap
05:30 - Playing with the download file functionality, discovering the UUID is the file on disk and not column in database by prepending a slash
09:00 - Finding a File Disclosure vulnerability, extracting application source code, getting source code of the app
13:15 - Start of signing our own cookies, examining the sig cookie to discover it is 40 bytes which is likely sha1
16:00 - Playing with Cyber Chef to discover …
app application code column database disclosure disk download file hackthebox introduction nmap own signing source code start vulnerability
More from www.youtube.com / IppSec
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Salesforce Solution Consultant
@ BeyondTrust | Remote United States
Divisional Deputy City Solicitor, Public Safety Compliance Counsel - Compliance and Legislation Unit
@ City of Philadelphia | Philadelphia, PA, United States
Security Engineer, IT IAM, EIS
@ Micron Technology | Hyderabad - Skyview, India
Security Analyst
@ Northwestern Memorial Healthcare | Chicago, IL, United States
Werkstudent Cybersecurity (m/w/d)
@ Brose Group | Bamberg, DE, 96052