Socket | Malayalam Tutorial | Hack the Box
2 years ago
19
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
LIVE
Drew Hernandez
6 hours agoMASS CONFUSION AROUND CHARLIE'S MURDER
847 watching -
1:01:40
HotZone
6 days ago"Prepare for WAR" - Confronting the URGENT Threat to America
903 -
1:13:57
Glenn Greenwald
4 hours agoYoung Men and Online Radicalization: Dissecting Internet Subcultures with Lee Fang, Katherine Dee, and Evan Barker | SYSTEM UPDATE #516
136K30 -
LIVE
Sarah Westall
1 hour agoCEO of Crowds on Demand: The Fake World of Social Media, Protests & Movements w/ Adam Swart
322 watching -
LIVE
Geeks + Gamers
4 hours agoTuesday Night's Main Event
470 watching -
40:36
RiftTV
3 hours agoHow We Got 400 Leftists FIRED for MOCKING Charlie Kirk | The Rift | Guest: Olivia Krolczyk
42.6K26 -
LIVE
Badlands Media
16 hours agoBadlands Story Hour Ep 134: Godzilla Minus One
890 watching -
LIVE
Patriots With Grit
12 hours agoWrongful Death Without Consequences: Inside the Schara Trial | Scott Schara
91 watching -
LIVE
LFA TV
15 hours agoLFA TV ALL DAY STREAM - TUESDAY 9/16/25
722 watching -
LIVE
StevieTLIVE
2 hours agoWarzone Community Games to Start into Quads w/ The Fellas
83 watching
