all InfoSec news
HackTheBox - Sekhmet
April 1, 2023, 3:26 p.m. | IppSec
IppSec www.youtube.com
01:11 - Start of nmap
04:00 - Running ffuf to discover the portal virtual host
06:40 - Logging in with admin:admin and discovering a new cookie
09:15 - Looking at the Node-Serialize exploit
10:20 - Attempting to do the exploit and discovering modsecurity blocks us, then putting some unicode in the payload to evade it
16:20 - Whoops forgot to end the payload with (), so thats why we didn't get our shell
17:11 - EDIT Looking …
blocking cookie discover end error evade exploit hackthebox host log logging logging in modsecurity nginx nmap node payload portal sekhmet shell start unicode virtual whoops
More from www.youtube.com / IppSec
HackTheBox - Analytics
1 month, 1 week ago |
www.youtube.com
HackTheBox - Manager
1 month, 2 weeks ago |
www.youtube.com
HackTheBox - AppSanity
1 month, 3 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Application Security Engineer - Remote Friendly
@ Unit21 | San Francisco,CA; New York City; Remote USA;
Cloud Security Specialist
@ AppsFlyer | Herzliya
Malware Analysis Engineer - Canberra, Australia
@ Apple | Canberra, Australian Capital Territory, Australia
Product CISO
@ Fortinet | Sunnyvale, CA, United States
Manager, Security Engineering
@ Thrive | United States - Remote