00:00 - Intro
01:00 - Start of nmap
03:45 - Discovering dev.devvortex.htb is a Joomla Page, showing JoomScan and enumerating version manually through manifests
07:00 - Looking for Joomla Exploits for version 4.2.6, discovering a way to view application config as an unauthenticated user
09:40 - Start of deep dive into the exploit, looking at commits on the day the advisory said this was patched
10:50 - Showing the fix just shows it is a mass assignment vulnerability, looking at how this works
17:10 - Showing fuzzing for arguments with ffuf would have caught this
26:18 - Logging into Joomla, then placing a shell in the Joomla Templates
32:15 - Logging into the database, cracking a hash to gain access to another user
35:30 - Taking a look at sudo discovering apport-cli, gtfobins comes up with nothing, looking at the version to discover an exploit within how it uses PAGER
In questa pagina del sito puoi guardare il video online HackTheBox - Devvortex della durata di ore minuti seconda in buona qualità , che l'utente ha caricato IppSec 27 aprile 2024, condividi il link con amici e conoscenti, su youtube questo video è già stato visto 13,388 volte e gli è piaciuto 435 spettatori. Buona visione!