HackTheBox - Networked
00:45 - Begin of recon
01:45 - Looking at the website, checking source, , etc
02:30 - Using GoBuster with PHP Extensions as HTTP Header said it had PHP Enabled
03:50 - Writing a simple PHP Code Execution script and trying to upload it
05:30 - Discovery of , examining timestamps between downloading with wget/firefox
07:40 - Searching php scripts for superglobals as that will show user-input
11:10 - Explaining what magic bytes are
14:30 - Using PHP interactive mode to demonstrate what is happening
16:15 - Showing error codes are different based upon where image validation failed
17:30 - Uploading a malicious PHP Shell
18:40 - Navigating to our php shell and getting a reverse shell
21:40 - Reverse shell returned
23:40 - Examining to discover vulnerability when doing exec() to escalate to guly
27:30 - Explaining the code execution vulnerability of creating a malicious file
28:30 - Creating the malicious file
31:57 - Shell returned a
5 months ago 00:10:23 1
8 months ago 00:00:00 1
10 months ago 00:04:06 1
10 months ago 00:32:44 18
10 months ago 00:34:38 2
10 months ago 01:27:34 5
10 months ago 00:37:18 6
10 months ago 00:41:25 5
10 months ago 01:46:13 2
10 months ago 01:12:42 4
10 months ago 00:26:29 1
10 months ago 02:06:46 2
10 months ago 00:54:43 11
10 months ago 02:05:30 1
11 months ago 00:33:44 1
11 months ago 00:27:16 1
11 months ago 00:30:39 1
12 months ago 11:21:04 1
1 year ago 05:30:24 3
1 year ago 01:02:06 17
1 year ago 00:16:21 18
1 year ago 02:09:39 15
1 year ago 00:29:19 2
1 year ago 00:39:17 7
