Socket | Malayalam Tutorial | Hack the Box
2 years ago
19
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
10:17
MattMorseTV
14 hours ago $10.45 earnedTrump's DOJ just DROPPED a NUKE.
59.1K68 -
2:09:32
Side Scrollers Podcast
17 hours agoStreamer DIES Live On Air + Your Food is Poison + Xbox Announces $900 Handheld | Side Scrollers Live
12.1K8 -
15:32
GritsGG
13 hours agoFull Auto ABR Sniper Support! Most Winning Quad Win Streaking!
4.01K2 -
7:42
The Pascal Show
12 hours ago $0.41 earnedBREAKING! Police Provide UPDATE In Emmanuel Haro's Case! Is Jake's Lawyer Lying To Us?!
5.07K -
2:29:46
FreshandFit
6 hours agoAfter Hours w/ Girls
102K63 -
5:28
Zach Humphries
12 hours ago $0.90 earnedNEAR PROTCOL AND STELLAR TEAM UP!
10.2K2 -
1:09:57
Brandon Gentile
1 day ago10,000 Hour BITCOIN Expert Reveals Why $13.5M Is Just The Start
15.9K1 -
2:03:55
Badlands Media
6 hours agoDevolution Power Hour Ep. 382: DOJ Coverups, Clapper’s Team Sport & Trump’s Countermoves
127K19 -
2:06:30
Inverted World Live
9 hours agoDon't Approach the Zombie Rabbits | Ep. 95
50.4K24 -
3:26:45
Drew Hernandez
5 hours agoISRAEL PLANNING POSSIBLE DRAFT IN USA & TRUMP'S VIEW ON ETERNAL LIFE ANALYZED PT 2
39.2K28