HackTheBox – Timing
#HackTheBox #Timing
“IppSec”
00:00 – Intro
01:05 – Start of nmap
02:00 – Running feroxbuster and discovering image.php
05:05 – Fuzzing image.php for parameters and discovering an LFI
07:15 – Enumerating the WAF to find blacklisted strings and then using a php filter to extract source
10:00 – Examing the login.php source…
source
Concluzion: HackTheBox – Timing – [vid_tags]