HackTheBox – Noter
#HackTheBox #Noter
“IppSec”
00:00 – Intro
00:57 – Start of nmap
02:40 – Registering an account
02:55 – Enumerating valid usernames based upon error message
05:30 – Using ffuf to match regex to enumerate valid usernames
07:10 – Poking at the web applicaiton trying IDOR/SSTI and failing
08:50 – Looking at the cookie given by…
source
Concluzion: HackTheBox – Noter – [vid_tags]