Socket | Malayalam Tutorial | Hack the Box
2 years ago
26
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
2:15:25
RealAmericasVoice
11 hours agoTPUSA'S ALL-AMERICAN HALFTIME SHOW
1.14M583 -
2:38:12
Nerdrotic
4 hours ago $5.55 earnedThe Pentyrch UFO Incident | Forbidden Frontier #128
120K5 -
LIVE
MattMorseTV
4 hours ago $60.41 earned🔴Super Bowl WATCH PARTY.🔴
3,953 watching -
2:29:46
PandaSub2000
9 hours agoSackboy: A Big Adventure
3.14K2 -
23:42
Nikko Ortiz
9 hours agoNarrator Plays Airsoft With Nikko Ortiz
32.7K4 -
LIVE
EricJohnPizzaArtist
4 days agoAwesome Sauce PIZZA ART LIVE Ep. #79: Rumble Gaming Night with SoundBoardLord!
253 watching -
LIVE
FusedAegisTV
5 hours agoKing of Iron Fist RETURNS ● Tekken King Rank Before Season 3? ● Testing Replay Buffer
33 watching -
LIVE
Biscotti-B23
6 hours ago🔴 LIVE $400 TOURNAMENT SIGN UPS 🤑 TOP 50 RANKED HERO 🔥 MY HERO ACADEMIA ALL'S JUSTICE
2,126 watching -
LIVE
SpartakusLIVE
4 hours ago#1 DEEPEST Wrinkle Brain Plays || Variety Later?! PUBG, For Honor, zOmBoiD
492 watching -
LIVE
OptimusDan
5 hours agoLET THE NIPPLE CONSUME YOUUUU/!
75 watching