HackTheBox - Sandworm

00:00 - Introduction
01:00 - Start of nmap
03:10 - Finding their public key, then sending an encrypted message that contains a XSS Test payload
06:50 - Creating a PGP Key and sending our public key, so they can send an encrypted message back
08:40 - Decrypting the message they sent to us
09:50 - Signing a message, but not encrypting it for them to verify and see they give us the metadata back
12:40 - Testing a SSTI Payload …

back encrypted hackthebox introduction key message nmap payload pgp public public key sandworm send signing start test xss