Скачать с ютуб HackTheBox - Devvortex в хорошем качестве

HackTheBox - Devvortex

00:00 - Intro 01:00 - Start of nmap 03:45 - Discovering dev.devvortex.htb is a Joomla Page, showing JoomScan and enumerating version manually through manifests 07:00 - Looking for Joomla Exploits for version 4.2.6, discovering a way to view application config as an unauthenticated user 09:40 - Start of deep dive into the exploit, looking at commits on the day the advisory said this was patched 10:50 - Showing the fix just shows it is a mass assignment vulnerability, looking at how this works 17:10 - Showing fuzzing for arguments with ffuf would have caught this 26:18 - Logging into Joomla, then placing a shell in the Joomla Templates 32:15 - Logging into the database, cracking a hash to gain access to another user 35:30 - Taking a look at sudo discovering apport-cli, gtfobins comes up with nothing, looking at the version to discover an exploit within how it uses PAGER