HackTheBox - Extension

00:00 - Intro
01:00 - Start of nmap, then discovering a laravel app
05:00 - Laravel app uses Ziggy which exposes a list of all the routes
07:50 - Finding the /management/dump endpoint but we keep getting page expired (missing some headers)
12:50 - Using ffuf to brute-force the management/dump endpoint
15:55 - Dumping a list of users and then cracking them
21:30 - Enumerating virtualhosts, then looking at the roundcube version
27:50 - Discovering the first 32 characters of …

app brute brute-force cracking dumping endpoint expired extension hackthebox headers laravel list management missing nmap start version