all InfoSec news
HackTheBox Gofer
Oct. 28, 2023, 3 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap
03:40 - Running gobuster to discover the proxy.gofer.htb subdomain
05:20 - Enumerating SMB to find a note which gives an email address to send a malicious document to and hints at HTTP Methods being filtered
08:45 - Discovering the proxy.gofer.htb domain responds differently to POST vs GET requests, then gobustering setting our method to POST
11:55 - Finding a SSRF in the proxy, then playing with protocols to discover it accepts GOPHER …
address discover document domain email find gobuster hackthebox htb http introduction malicious nmap proxy requests running send smb start subdomain
More from www.youtube.com / IppSec
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Associate Principal Security Engineer
@ Activision Blizzard | Work from Home - CA
Security Engineer- Systems Integration
@ Meta | Bellevue, WA | Menlo Park, CA | New York City
Lead Security Engineer (Digital Forensic and IR Analyst)
@ Blue Yonder | Hyderabad
Senior Principal IAM Engineering Program Manager Cybersecurity
@ Providence | Redmond, WA, United States
Information Security Analyst II or III
@ Entergy | The Woodlands, Texas, United States