Socket | Malayalam Tutorial | Hack the Box
2 years ago
19
Socket is a medium linux box, which hosts a webserver for scanning QR codes on port 80. On downloading the application we'll identify its trying to connect to vhost on port 5789. On exploiting sql injection on sqlite we can leak the credentials for the user. Root access can be gained by exploiting the loopholes in pyInstaller by including root files in spec files.
00:40 nmap
01:40 website
03:05 downloading the app
04:43 Analyzing the app
07:16 ws.qreader.htb
09:25 redirecting the traffic via burp
12:45 sql injection on sqlite
18:35 admin hash
21:24 identifying user
27:00 exploiting pyinstaller
Loading comments...
-
2:08:24
Inverted World Live
8 hours agoAliens On The Campaign Trail | Ep. 120
104K23 -
1:38:50
FreshandFit
9 hours agoHow Do Women WANT To Be Approached? w/ Dom Lucre & Prince
31.4K39 -
2:58:08
TimcastIRL
7 hours agoTrump Announces Israel Hamas PEACE PLAN SIGNED Israel To WITHDRAW Troops | Timcast IRL
219K160 -
3:33:15
Alex Zedra
5 hours agoLIVE! New Game!
43.1K6 -
38:05
Man in America
13 hours agoEric Trump on Prosecuting TREASON, Civil War & the Battle of Good vs. Evil
49.7K27 -
3:04:23
Barry Cunningham
6 hours agoBREAKING NEWS: PRESIDENT TRUMP BROKERS HISTORIC PEACE DEAL IN THE MIDDLE EAST! AND MORE NEWS!
70.3K43 -
6:28:59
SpartakusLIVE
8 hours agoThe Boys are BACK || The Duke of NUKE and his Valiant Knights of the Tower of POWER
54.8K2 -
1:15:32
Tucker Carlson
6 hours agoICE Protests and Antifa Riots: Tucker Carlson Warns of Total Destruction if America Doesn’t Act Fast
73.6K257 -
3:47:33
I_Came_With_Fire_Podcast
13 hours agoChinese Spy GETS OFF | Is Comey's Indictment Selective | Posse Comitatus Dilemma
29K1 -
1:55:55
Adam Does Movies
15 hours ago $0.90 earnedTalking Movies + Ask Me Anything - LIVE
20.7K1
