Socket | Malayalam Tutorial | Hack the Box
2 years ago
22
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
6:01:38
Right Side Broadcasting Network
2 days agoLIVE: President Trump to Deliver Remarks in Rocky Mount, NC - 12/19/25
123K57 -
3:24:48
VapinGamers
5 hours ago $20.39 earnedDestiny 2 - Dungeons and Loot with Friends - !rumbot !music
76.6K1 -
2:07:44
TimcastIRL
6 hours agoTrump's Secret Plan To Make Charlie Kirk VP, America Fest IN CIVIL WAR | Timcast IRL
206K161 -
4:09:13
I_Came_With_Fire_Podcast
15 hours agoLive Fire: Christmas Special
27.5K7 -
46:26
Sarah Westall
8 hours agoWhat’s Behind the Silver Surge? Large Institutions Cashing In w/ Andy Schectman
29.8K -
6:42:10
Turning Point USA
14 hours agoLIVE NOW: AMFEST DAY 2 - VIVEK, JACK POSOBIEC, MEGYN KELLY, ALEX CLARK AND MORE…
1.26M180 -
1:14:37
Flyover Conservatives
1 day agoHow to Win 2026 Before It Starts — Clay Clark’s Goal-Setting Blueprint | FOC Show
30.7K1 -
12:52
The Kevin Trudeau Show Limitless
2 days agoBeyond Good And Bad: The Hidden Reality Code
69.8K21 -
1:03:11
BonginoReport
10 hours agoBrown U Security Failures EXPOSED - Nightly Scroll w/ Hayley Caronia (Ep.201)
149K41 -
51:09
Patriots With Grit
5 hours agoWill A.I. Replace Doctors? | Dr. Stella Immanuel MD
21K4