Socket | Malayalam Tutorial | Hack the Box
2 years ago
19
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
LIVE
Major League Fishing
4 days agoLIVE! - Fishing Clash Team Series: Heritage Cup - Day 2
3,042 watching -
10:31
Dr. Eric Berg
56 minutes ago13 Foods You Should Never Buy Organic
9 -
15:10
SB Mowing
1 month agoShe had TEARS OF JOY on her face - An update on Beth
4.06K31 -
LIVE
Lofi Girl
3 years agolofi hip hop radio 📚 - beats to relax/study to
153 watching -
LIVE
Nikko Ortiz
59 minutes agoLIVE - Trying Rumble Studio!
298 watching -
9:30
Sugar Spun Run
4 hours agoBlack and White Cookies
70 -
2:45
SLS - Street League Skateboarding
4 days agoManny Santiago's 'THIS IS 40' Part
2.14K1 -
6:40
Homesteading Family
5 days agoNever Make Pie Crust From Scratch Again (Do THIS Instead)
1.3K1 -
44:20
Melissa K Norris
3 days ago $0.20 earnedThe Most Overlooked Way to Preserve Food for Months (No Freezer Needed) w/ Sam Knapp
585 -
23:00
Tony Jeffries
6 days agoThe Best & Worst Boxing Training Methods (Ranked by Olympic Boxer)
218