Socket | Malayalam Tutorial | Hack the Box
2 years ago
22
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
LIVE
FreshandFit
11 hours agoArt Basel IRL Stream
6,226 watching -
LIVE
Akademiks
2 hours ago50 cent Declares War on Diddy. Drake #1 streamed artist of 2025. Candace vs TPUSA. YB 19 bodies?
1,419 watching -
Drew Hernandez
23 hours agoKASH DENIES FOREIGN INVOLVEMENT IN CHARLIE KIRK MURDER & CANDACE WILLING TO MEET WITH ERIKA KIRK?
26.6K13 -
1:19:49
Adam Does Movies
4 hours ago $18.77 earnedLive Taping! Reviewing Five Nights At Freddy's 2, Marty Supreme, Fackham Hall - Live!
24.5K -
0:43
Gaming on Rumble
3 hours ago $2.02 earnedLvl UP (Raids)
17.9K -
SpartakusLIVE
8 hours agoBUYBACKS Have RETURNED || #1 Gamer w/ Most HEALTHY and VIBRANT Hairline
24.1K -
2:13:41
TimcastIRL
6 hours agoCNN SLAMMED For Claiming BLACK J6 Bomb Suspect IS A WHITE MAN w/ Milo & George Santos | Timcast IRL
234K324 -
4:29:59
SynthTrax & DJ Cheezus Livestreams
1 day agoFriday Night Synthwave 80s 90s Electronica and more DJ MIX Livestream CHROMIUM Edition
18.3K4 -
LIVE
GritsGG
14 hours agoBO7 Warzone Is Here! Win Streaking! New Leaderboard?
385 watching -
3:53:07
VapinGamers
5 hours ago $1.63 earnedDestiny 2 - Star Wars Renegade Lightsabers Oh My! - !rumbot !music
16.8K1