Python Script to Read Files on Encoding [HackTheBox]
In Encoding from HackTheBox, I've got a web endpoint that will return to me encoded copies of the files on the host. I'll write a Flask proxy so that I can easily enumerate the host, and even run a tool like git-dumper to download a Git repository.
Encoding blog post: https://0xdf.gitlab.io/2023/04/15/htb...
git-dumper: https://github.com/arthaud/git-dumper
☕ Buy Me A Coffee: https://www.buymeacoffee.com/0xdf
[00:00] Introduction
[00:52] Scenario overview
[03:20] Vulnerability overview
[04:03] Strategy for proxy vs script vs in console
[04:58] Starting Flask server with path as variable
[07:17] Updating server to read /etc/passwd from Encoding
[08:58] Updating to take different file names
[09:36] Fixing response content-type to work with git-dumper
Watch video Python Script to Read Files on Encoding [HackTheBox] online without registration, duration hours minute second in high quality. This video was added by user 0xdf 15 April 2023, don't forget to share it with your friends and acquaintances, it has been viewed on our site 824 once and liked it 52 people.