Socket | Malayalam Tutorial | Hack the Box
2 years ago
22
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
LIVE
SpartakusLIVE
2 hours agoTrios w/ The BOYS on WZ and then we're teaching Jean ARC RAIDERS
392 watching -
1:32:46
Glenn Greenwald
2 hours agoHillary Blames TikTok for Anti-Israel Sentiment; MAGA Sycophants Gain Pentagon Press Access; Who Should Win Anti-Semite of the Year? See the Top 10 Finalists | SYSTEM UPDATE #552
73.3K44 -
LIVE
The Daily Signal
4 hours ago $0.77 earned🚨BREAKING: Tennessee Congressional Election Results, Minneapolis Police to "Intervene" Against ICE,
206 watching -
LIVE
megimu32
29 minutes agoON THE SUBJECT: Christmas Vacation Is UNTOUCHABLE!
55 watching -
LIVE
Sarah Westall
1 hour agoNeurostrike, Cognitive Targeting & the New Tech Arms Race w/ Professor Armin Krishnan
30 watching -
2:52:28
Nikko Ortiz
3 hours agoNo More Gear Fear... | Rumble LIVE
1.4K1 -
LIVE
Razeo
1 hour agoTopside carnage with some fries.,
44 watching -
1:03:17
BonginoReport
4 hours agoViolent Criminals Run Free in NY & CA - Nightly Scroll w/ Hayley Caronia (Ep.188) - 12/02/2025
97.2K27 -
6:33:02
The Rabble Wrangler
17 hours agoBattlefield with The Best in the West
697 -
LIVE
heathen_streamz
1 hour agoLet's get Bent in ARC RAIDERS | Happy Tiddy Tuesday!
57 watching