all InfoSec news
HackTheBox - Encoding
April 15, 2023, 3:03 p.m. | IppSec
IppSec www.youtube.com
00:57 - Start of nmap
02:45 - Checking out the API Documentation
04:00 - Interacting with the API Server
05:15 - Showing the file_url, parameter and showing we can access local files
06:36 - Building a webserver in Flask to make some middleware to exploit this SSRF, allowing us to easily download files from the webserver
09:50 - Our middleware works! Can download files off the server.
11:15 - Downloading the apache2 configuration to find where all …
access api api documentation configuration discover documentation download encoding exploit files find flask gobuster hackthebox hidden introduction local middleware nmap parameter server ssrf start webserver
More from www.youtube.com / IppSec
HackTheBox - Analytics
1 month, 1 week ago |
www.youtube.com
HackTheBox - Manager
1 month, 2 weeks ago |
www.youtube.com
HackTheBox - AppSanity
1 month, 3 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cloud Security Engineer
@ Gainwell Technologies | Any city, OR, US, 99999
Federal Workday Security Lead
@ Accenture Federal Services | Arlington, VA
Workplace Consultant
@ Solvinity | Den Bosch, Noord-Brabant, Nederland
SrMgr-Global Information Security - Security Risk Management
@ Marriott International | Bethesda, MD, United States
Sr. Security Engineer - Data Loss Prevention
@ Verisk | Jersey City, NJ, United States