HackTheBox - iClean
00:00 - Introduction
01:00 - Start of nmap
02:00 - Taking a look at the website
04:00 - Testing the Get a Quote feature for XSS
06:30 - Weaponizing the img src xss test by adding fetch to attempt to exfil the cookies
10:00 - Looking at the dashboard and seeing what features are available
13:00 - Discovering SSTI in the QR Code Feature, can do basic SSTI but any complex fails without any evasion
18:30 - Explaining the SSTI Evasion with Jinja2/Python
25:45 - Shell returned on the machine, discovering Consuela's password in MYSQL
29:45 - Consuela can run qpdf as rood, looking at the man page and discovering it can attach files
Watch video HackTheBox - iClean online without registration, duration hours minute second in high quality. This video was added by user IppSec 03 August 2024, don't forget to share it with your friends and acquaintances, it has been viewed on our site 12,865 once and liked it 484 people.