all InfoSec news
HackTheBox - Extension
Web: https://www.youtube.com/watch?v=qNsbf3EmLrA
March 18, 2023, 3 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap, then discovering a laravel app
05:00 - Laravel app uses Ziggy which exposes a list of all the routes
07:50 - Finding the /management/dump endpoint but we keep getting page expired (missing some headers)
12:50 - Using ffuf to brute-force the management/dump endpoint
15:55 - Dumping a list of users and then cracking them
21:30 - Enumerating virtualhosts, then looking at the roundcube version
27:50 - Discovering the first 32 characters of …
More from www.youtube.com / IppSec
Latest InfoSec / Cybersecurity Jobs
Snr Security Engineer (cloud)
@ Verisk | Málaga, Spain
Cybersecurity Analyst
@ Visa | Bengaluru, India
Information Security Engineer
@ ServiceNow | Orlando, FL, United States
Director of Cloud Security - 100% US REMOTE
@ Experian | Allen, TX, United States
Azure DevSecOps - Solution Architect
@ Citizant | Chantilly, VA, United States
Cybersecurity Champion
@ NielsenIQ | Chicago, IL, United States
Senior Information Security Analyst
@ QAD, Inc. | Wroclaw, Poland
VP, Information Security
@ TrueAccord | Remote
DevSecOps Engineer- (100%) ( w/m/d) - Valbonne - Hybrid Work
@ SMG Swiss Marketplace Group | Valbonne, France
Information Security Director - Attack Surface Management (100% US REMOTE)
@ Experian | Allen, TX, United States
Director - Cybersecurity and Compliance
@ Visa | Foster City, CA, United States
Senior Threat Analyst | Remote, USA
@ Optiv | Kansas City, MO