#9 [Hindi] Broscience HTB Machine | Path Traversal | PHP De-serialization | Command Injection | Pspy
Hi Guys In this video I solved Broscience hackthebox machine.
Little Overview about the machine :
Hacking BroScience involves using a directory traversal / file read vulnerability (minus points to anyone who calls it an LFI) to get the PHP source for a website. First I’ll use that code to forge an activation token allowing me to register my account. Then, the source gives the information necessary to exploit a deserialization vulnerability by building a malicious PHP serialized object, encoding it, and sending it as my cookie. This provides a webshell and a shell on the box. I’ll find some hashes in the database that can be cracked, leading to the next user. The wrinkle here is to include the site-wide salt. For root, there’s a command injection in a script that’s checking for certificate expiration. I’ll craft a malicious certificate that performs the injection to get execution as root
Vision : My vision is to provide cybersecurity knowledge for free to the people of Republic of India. Because from my past experience I learnt that Institutes are fooling peoples to spend large money on their courses, in which they don’t work on the thinking of the student they just focus to complete their courses.
If you have any doubt feel free to reach me out on various handles which I am providing below:
Discord: icoNic#0097
LinkedIn: https://www.linkedin.com/in/neeraj-k-75bb1a130/
Mail: [email protected]