March 4, 2023, 3 p.m. | IppSec

IppSec www.youtube.com

00:00 - Introduction
01:03 - Start of nmap
02:00 - Talking about Varnish, then looking at the website
03:40 - Poking at the Forgot Password functionality and showing we can enumerate valid users
06:25 - Discovering a username in the HTML Source
07:10 - Start talking about Host Header Injection, showing the page will use the Host Header when building redirects
09:28 - Using host header injection in the password reset, in order to send the user a link that …
