HackTheBox - Sightless

00:00 - Introduction
01:00 - Start of nmap
03:30 - Discovering SQLPad
06:20 - Discovering an SSRF in SQLPad when adding connections. Sending to FFUF, using a time filter to show timeouts
10:01 - Finding the SQLPad version (6.10.0), which has a template injection vulnerability, getting a shell
14:25 - Shell returned, extracting the SQLPad database
17:45 - Cracking the shadow file of the Docker container to get Michael's password
21:05 - Shell as Michael, discovering headless Chrome is running, forwarding ports to access it
26:55 - Logging into Froxlor, getting RCE as root by changing PHP-FPM configuration
32:40 - Doing the box the intended way, getting Froxlor Cookie via XSS
44:30 - Changing the Web1 user's password so we can FTP into the box
49:00 - Cracking the KeePass database to get root SSH key
Comments

Last week, I was in a meeting trying to explain the Ivanti vulnerability to other teams. At one point, I found myself saying 'With that being said, let's just jump in.'

apkanalyze

Great work man! I DREAM OF BEING A PENTESTER, but holy crap, there's a lot to learn, which makes me scared sometimes.

Progressive_Entrepreneur

Me when I watch other 45min + videos * Press 2 x speed. Me when I watch IppSec 45min + videos * Press .5 speed. haha. What a talent!

MikeyP

3 Week Gone 😅

Been Waiting For New Ipp Vid 😊🎉

RISE_BEFORE_YOU_GREECE

Missed your videos sir happy new year and welcome back 🎉🎉🎉

Mhmud

ctrl+shift+t reopen closed tab ;-)
btw this box can't be easy. the first attempt to get the user flag was easy but to get the root flag is quite more than 1-3 steps like an easy box should have.

Marco_Ris

I'm making progress thanks to you, thank you very much .. king of kings 😂🎉❤

SOLOxUNS

Amazing as usual, I've got a question: how much time does it take for a newbie to solve a box like this? And is this supposed to be easy? ^^

anonymousvevo

For the froxlor part, you can use the install command to copy a file and set permissions in one go
install -o root -g root -m 4755 /bin/bash /tmp/bash

gqngster

Ippy, you're back!!! Happy New Year!!! In 2025 we'll have:

* More Ipp memes
* More pop culture references
* More "Hey Ipp" questions/riddles/challenges
* More "Let's see" and more "There we go"
* Comments that are actually related to the videos (P(A) < 1 x 10⁻⁶)

AUBCodeII

Hi, trying to do the squiggly C inside SSH, and I have "Commandline disabled", although I've tried connecting via SSH as root from the HTB Pwnbox.
What should I do? Thanks!

MarcelN

Hey ipp, was wondering about the process at 14:50 to get a proper tty shell. I didn't know the script -q trick, is there a place where we can learn more about these? I also don't fully understand how/why it works, but I guess that's more to do with the Linux terminal than security

Denis-xljx

23:07 I can't open the ssh>

When I do ~C + enter nothing happens, would anyone help me?

lespetitjoueurs

How to do that ~C then send into ssh in background?

kaixianwongful

I don't like this machine at all. But I discovered for myself that I can pwn AD easily. It was strange)

vakdan

Lol, when I was in the box, I saw other people's work, which kinda gave up the root.txt.

DrNatas

My burp suite is not intercepting requests to 127.0.0.1:9000

defkrogeldiz