Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Jan 12, 2019
00:50 - Start of the box 05:30 - Attempting GoBuster but wildcard response gives issue 07:40 - Start of doing wfuzz to find content 10:38 - Manually testing SQLInjection 13:07 - Running SQLMap and telling it exactly where the injection is 16:04 - Manually extracting files with the SQL Injection 19:50 - Cracking the hash with hashcat 25:00 - Start of examining the custom webapp, playing with Template Injection 27:00 - Explaining a way to enumerate language behind a webapp 35:17 - Reverse Shell returned on first Docker Container 38:00 - Examining SQL Database 39:40 - Doing the Port Knock to open up SSH 43:50 - Gain a foothold on the host of the docker container via ssh 46:00 - Identifying containers running 50:10 - Creating SSH Port Forwards without exiting SSH Session then NMAP through SSH 55:11 - Begin looking into Portainer, finding a weak API Endpoint 59:00 - Start of creating a container in portainer that can access the root file system 01:08:25 - Changing sudoers so dorthy can privesc to root 01:09:50 - Lets go back and create a python script to play with SQL Injection