June 8, 2024, 3 p.m. | IppSec

IppSec www.youtube.com

00:00 - Introduction
01:00 - Start of nmap
02:45 - Discovering the Dev Subdomain
04:00 - Playing with the Resume Download, discovering a File Disclosure Vulnerability
05:40 - Discovering some odd behavior with ../, its just a replace. Grabbing web.config
08:15 - Using YsoSerial.Net to create a malicious ViewState Gadget, be careful with command prompt and single quotes!
12:00 - Getting a reverse shell with a web cradle
14:10 - Shell returned, discovering a Password stored with Secure String, decrypting …

behavior command config dev disclosure download file gadget grabbing hackthebox introduction malicious .net nmap pov prompt resume single start subdomain using vulnerability web ysoserial

Director of IT & Information Security

@ Outside | Boulder, CO

Information Security Governance Manager

@ Informa Group Plc. | London, United Kingdom

Senior Risk Analyst - Application Security (Remote, United States)

@ Dynatrace | Waltham, MA, United States

Security Software Engineer (Starshield) - Top Secret Clearance

@ SpaceX | Washington, DC

Network & Security Specialist (IT24055)

@ TMEIC | Roanoke, Virginia, United States

Senior Security Engineer - Application Security (F/M/N)

@ Swile | Paris, France