all InfoSec news
HackTheBox - Investigation
April 22, 2023, 3 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap
02:00 - Start of gobuster
04:00 - Discovering an upload form, looking for where things get uploaded
05:50 - The upload gives us ExifTool output, including the version number to show it is vulnerable to CVE-2022-23935
08:11 - You should really watch "The Perl Jam"
08:40 - Showing the weird syntax of perl's file open and how | leads to RCE
16:15 - Back to the box, exploiting and getitng a shell …
back box cve discover exiftool exploiting files gobuster hackthebox introduction investigation nmap perl rce reverse reverse shell shell start things version vulnerable watch weird
More from www.youtube.com / IppSec
HackTheBox - Analytics
1 month, 1 week ago |
www.youtube.com
HackTheBox - Manager
1 month, 2 weeks ago |
www.youtube.com
HackTheBox - AppSanity
1 month, 3 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC
@ SAP | Dublin 24, IE, D24WA02
Product Security Response Engineer
@ Intel | CRI - Belen, Heredia
Application Security Architect
@ Uni Systems | Brussels, Brussels, Belgium
Sr Product Security Engineer
@ ServiceNow | Hyderabad, India
Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)
@ FiscalNote | United Kingdom (UK)