HackTheBox - MonitorsFour

IppSec · Beginner ·🔐 Cybersecurity ·6h ago

Skills: Network Security80%

00:00 - Introduction 00:57 - Start of nmap 03:20 - Looking at the webpage doing basic enumeration 05:30 - Talking about Orange Tsai Worst Fit -- Doesn't get us anything but a path i went down first 09:50 - Discovering the /user endpoint, fuzzing the token parameter discovering type juggling, cracking hashes 14:40 - Logging into the application, which seems like an odd static page 18:00 - Discovering the Cacti Domain, Logging in and showing we can enumerate if a user is valid or not by a timing attack 23:50 - Exploting CVE-2025-24367 , which lets us create php files on the target 28:40 - Creating the payload to drop the file to get RCE 36:00 - Shell returned. 38:10 - Using bash to be a basic port scanner, then dumping the database 45:00 - Manually exploiting CVE-2025-9074, talking to Docker over HTTP to create a container that mounts the host operating system in a container then reading the flag 55:00 - Getting code execution on the host by looking at scheduled tasks and changing a powershell script that runs every 3 minutes

Watch on YouTube ↗ (saves to browser)

Sign in to unlock AI tutor explanation · ⚡30

More on: Network Security

View skill →

GNS3 Labs: DMVPN, IPsec and NAT across BGP Internet routers: Answers Part 7

GNS3 Labs: DMVPN, IPsec and NAT across BGP Internet routers: Answers Part 7

Building a High-throughput VPN

Configuring Network Connectivity Center as a Transit Hub

VPC Flow Logs - Analyzing Network Traffic

HackTheBox - Intentions

HackTheBox - Intentions

Google Cloud Packet Mirroring with OpenSource IDS

Related AI Lessons

Universal SASE vs Single-Vendor SASE: Which Delivers Better Security & Performance?

Learn how Universal SASE and Single-Vendor SASE impact security and performance in the wake of high-profile breaches like the Salesloft's Drift platform compromise

How Hybrid Encryption Taught Me What Real Backend Security Looks Like

Learn how hybrid encryption can enhance backend security and what it takes to implement it effectively

Medium · Cybersecurity

Business Logic Vulnerabilities — From Price Tampering to Expert-Level Parser Attacks

Learn about business logic vulnerabilities, from price tampering to expert-level parser attacks, and how to identify and prevent them

Medium · Cybersecurity

Neredeyse Herkesin Yaptığı 5 Siber Güvenlik Hatası

Learn the 5 common cybersecurity mistakes that can lead to significant data loss and how to avoid them

Medium · Cybersecurity

Chapters (13)

Introduction

0:57 Start of nmap

3:20 Looking at the webpage doing basic enumeration

5:30 Talking about Orange Tsai Worst Fit -- Doesn't get us anything but a path i we

9:50 Discovering the /user endpoint, fuzzing the token parameter discovering type j

14:40 Logging into the application, which seems like an odd static page

18:00 Discovering the Cacti Domain, Logging in and showing we can enumerate if a use

23:50 Exploting CVE-2025-24367 , which lets us create php files on the target

28:40 Creating the payload to drop the file to get RCE

36:00 Shell returned.

38:10 Using bash to be a basic port scanner, then dumping the database

45:00 Manually exploiting CVE-2025-9074, talking to Docker over HTTP to create a con

55:00 Getting code execution on the host by looking at scheduled tasks and changing

He's Actually Trying To Make IPv8 A Thing

Brodie Robertson