Категории

Directory Traversa vulnerability ctf : HACKTHEBOX OPENSOURCE CTF WALKTHROUGH

Опубликовано: 09 Февраль 2025
на канале: I.T Security Labs
580
20

OpenSource from hackthebox, we learn web app enumeration, and find credentials and source code in downloadable source zip. We exploit a directory traversal vulnerability to obtain a shell via Flask app, debug pin calculation (failed) and source file overwriting. Accessing a private Gitea instance reveals an SSH key for host access. Exploiting a root-running cron job with Git hooks grants root shell access.

Subscribe for more!

***This is for educational purposes only***, Youtube bot, this is a ctf :)

play_arrow
225
10

MARKO FLANJAK (Category A) Daruvar Accordion Award 2022

MARKO FLANJAK (Category A) Daruvar Accordion Award 2022
play_arrow
28
3

Anchor tag in html

Anchor tag in html
play_arrow
10,818
152

ASMR| Gum Chewing & Blowing Big Bubbles| Big League Chew Grape| No Talking

ASMR| Gum Chewing & Blowing Big Bubbles| Big League Chew Grape| No Talking
play_arrow
123
4

Sad tune. free music. No Copyright audio library.

Sad tune. free music. No Copyright audio library.
play_arrow
73
5

❄️Simple aesthetic intro tutorial❄️ | a bunch of links in description 🎄

❄️Simple aesthetic intro tutorial❄️ | a bunch of links in description 🎄
play_arrow
63,960
2.4 тыс

Minecraft mais Chaque Clic MULTIPLIE mon Inventaire !

Minecraft mais Chaque Clic MULTIPLIE mon Inventaire !
play_arrow
2,267
19

Menjadi Owner Toko Lava di Growtopia | TOKO LAVA | Growtopia Indonesia

Menjadi Owner Toko Lava di Growtopia | TOKO LAVA | Growtopia Indonesia
play_arrow
88
3

ROPE BRIDGE

ROPE BRIDGE
Похожие видео
play_arrow
NHA lab deployment party

NHA lab deployment party
play_arrow
02 Purple Team Cyber Range with NHA-GOAD - How To connect To Ludus with Wireguard

02 Purple Team Cyber Range with NHA-GOAD - How To connect To Ludus with Wireguard
play_arrow
01 - How To Setup a Purple Team Cyber Range with NHA-GOAD & Elastic SIEM on Ludis | AUTOMATED

01 - How To Setup a Purple Team Cyber Range with NHA-GOAD & Elastic SIEM on Ludis | AUTOMATED
play_arrow
Tryhackme Publisher Walkthrough | App Armor Bypass Privesc

Tryhackme Publisher Walkthrough | App Armor Bypass Privesc
play_arrow
How To Deploy Active Directory with Elastic SIEM Cyber Range for Purple Teaming in Ludus

How To Deploy Active Directory with Elastic SIEM Cyber Range for Purple Teaming in Ludus
play_arrow
HackTheBox Knife boot2root | Step-by-Step Walkthrough

HackTheBox Knife boot2root | Step-by-Step Walkthrough
play_arrow
HackTheBox Giddy Walkthrough | SQL Injection & Golang exe Privilege Escalation

HackTheBox Giddy Walkthrough | SQL Injection & Golang exe Privilege Escalation
play_arrow
nmap-did-what, A Cool way to view nmap results

nmap-did-what, A Cool way to view nmap results
play_arrow
Tryhackme CyberLens Walkthrough, NO Metasploit, Windows pentesting

Tryhackme CyberLens Walkthrough, NO Metasploit, Windows pentesting
play_arrow
Investigating C2 Traffic | Tryhackme ItsyBitsy Walkthrough

Investigating C2 Traffic | Tryhackme ItsyBitsy Walkthrough
play_arrow
HackTheBox Bank Walkthrough: Learning Penetration Testing for beginners

HackTheBox Bank Walkthrough: Learning Penetration Testing for beginners
play_arrow
Unboxing the youtube silver button award | How and why i make videos

Unboxing the youtube silver button award | How and why i make videos
play_arrow
Tryhackme Vulnet Roasted Walkthrough. Active Directory Pentesting For Noobs

Tryhackme Vulnet Roasted Walkthrough. Active Directory Pentesting For Noobs
play_arrow
Hackthebox Toolbox Walkthrough in Guided Mode . Windows Docker Container Escape

Hackthebox Toolbox Walkthrough in Guided Mode . Windows Docker Container Escape
play_arrow
Breaching Game Of Active Directory Part 8 | AD GPO exploitation & Detection using Security Onion

Breaching Game Of Active Directory Part 8 | AD GPO exploitation & Detection using Security Onion
play_arrow
Investigating A Ransomware Attack in Splunk : Tryhackme PS Eclipse Walkthrough

Investigating A Ransomware Attack in Splunk : Tryhackme PS Eclipse Walkthrough
play_arrow
Directory Traversa vulnerability ctf : HACKTHEBOX OPENSOURCE CTF WALKTHROUGH

Directory Traversa vulnerability ctf : HACKTHEBOX OPENSOURCE CTF WALKTHROUGH
play_arrow
🔒🛡️ LIVE HACK & HUNT SHOWDOWN: Game Of Active Directory vs. Security Onion! 🔍

🔒🛡️ LIVE HACK & HUNT SHOWDOWN: Game Of Active Directory vs. Security Onion! 🔍
play_arrow
How To Enumerate and Use Squid Proxy | Squid, Offsec Proving Grounds Walkthrough, OSCP Prep

How To Enumerate and Use Squid Proxy | Squid, Offsec Proving Grounds Walkthrough, OSCP Prep
play_arrow
HacktheBox DevOops Walkthrough | How To Enumerate .git for secrets

HacktheBox DevOops Walkthrough | How To Enumerate .git for secrets
play_arrow
Tryhackme Red Team Capstone Challenge Part 2 | Gaining Initial Access

Tryhackme Red Team Capstone Challenge Part 2 | Gaining Initial Access
play_arrow
Tryhackme Red Team Capstone Challenge Part 1 | Understanding the challenge

Tryhackme Red Team Capstone Challenge Part 1 | Understanding the challenge
play_arrow
Breaching Game Of Active Directory Part 7 | How To Enumerate Active Directory With Bloodhound

Breaching Game Of Active Directory Part 7 | How To Enumerate Active Directory With Bloodhound
play_arrow
How Windows EDR Detects and Defends against SharpHound

How Windows EDR Detects and Defends against SharpHound