VulNyx: Look - PHP Info Leak and Nokogiri Command Hacking
0:00 Start
0:26 Initial scans
4:34 PHP info output
6:38 PHP info user disclosure
7:05 Brute forcing the SSH password
9:05 Initial access
10:50 Grepping for user credentials
14:27 Lateral privilege escalation
15:28 Privilege escalation with Nokogiri
18:25 We are root
18:41 Wrap-up
You can download the challenge VM from the following link:
https://vulnyx.com/#look
Download the file, then unzip the file and deploy the VM using VirtualBox or VMware. You will also need to have an "attacker" VM with security tools installed on it, e.g., Kali Linux, deployed to the same VM network.
The following links are related to topics covered in this challenge:
Nokogiri Documentation:
https://nokogiri.org/index.html
IRB GTFObins Entry:
https://gtfobins.github.io/gtfobins/i...
HackerFrogs Links:
Twitch:
/ theshyhat
Kick:
https://kick.com/theshyhat
Reddit:
/ hackerfrogs
Watch video VulNyx: Look - PHP Info Leak and Nokogiri Command Hacking online without registration, duration hours minute second in high quality. This video was added by user theshyhat 04 January 2025, don't forget to share it with your friends and acquaintances, it has been viewed on our site 48 once and liked it 2 people.