Socket | Malayalam Tutorial | Hack the Box
2 years ago
26
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
LIVE
RealMetatron
3 hours agoInsane Live Stream CLICK IT!
500 watching -
2:35:18
vivafrei
11 hours agoEp. 300: SCOTUS Rulings Good & Bad! "Justice" Out of Canada? FBI Promotes a Bad guy? AND MORE!
216K136 -
LIVE
Eternal_Spartan
2 hours ago🟢Eternal Spartan Plays God of War 2018 Part 5 | USMC Vet!
187 watching -
LIVE
SpartakusLIVE
3 hours agoI Got BANNED...AGAIN
281 watching -
LIVE
EricJohnPizzaArtist
5 days agoAwesome Sauce PIZZA ART LIVE Ep. #77: Jeffrey Steele
128 watching -
17:51
DeVory Darkins
4 hours agoMinnesota Mayor makes GRAVE MISTAKE after he SELF DESTRUCTS on live TV
34.5K105 -
LIVE
NooCappp
1 hour agoℝ𝕦𝕞𝕓𝕝𝕖 𝕎𝕒𝕝𝕝𝕖𝕥 𝕒𝕔𝕥𝕚𝕧𝕖 ~ 𝕃𝕒𝕥𝕖 ℕ𝕚𝕥𝕖 𝕊𝕌ℕ𝔻𝔸𝕐 ~ 𝔸𝕣𝕔𝕚𝕟
34 watching -
LIVE
a12cat34dog
2 hours agoTHE LAST GAME OF THE SERIES :: Dead Space 3 :: IS THIS EVEN A HORROR GAME!? {18+}
132 watching -
LIVE
Itz Steve
4 hours agoSomething different
24 watching -
LIVE
GritsGG
9 hours agoWin Streak Camo TODAY! #1 Warzone Victory Leaderboad 895+ Ws!!🔥
261 watching