Hack The Box: Postman Walkthrough [Redis, SSH, Webmin Exploit]

4 Comments | SQL By · 20/07/2023



Hack The Box: Postman Walkthrough [Redis, SSH, Webmin Exploit]

Hack The Box: Postman Walkthrough [Redis, SSH, Webmin Exploit]

In this Hack The Box walkthrough you will learn how the Redis database can be vulnerable, if not hardened correctly. We will place an SSH key into the Redis users .ssh/authorised_keys file and login as that user. We then escalate to another user, by cracking their SSH key backup file, to finally gain root using an authenticated Webmin exploit.

Check out my UDEMY course: https://www.udemy.com/course/learn-burpsuite-fast/?referralCode=3BC3FD2C6CFB395169DD

~~~
This is an educational video, gain permission from target owners before attempting anything from this tutorial. By not doing so, you risk being penalised by the computer misuse act or equivalent in your country
~~~

Don’t forget to subscribe and like the video for continued Cyber Security viewing!

Redis-CLI: https://redis.io/download
Redis SSH Issue: https://packetstormsecurity.com/files/134200/Redis-Remote-Command-Execution.html

Twitter: https://twitter.com/TurvSec

Comments are closed.

53GB.COM GPTSTORE CPU Yougpt Gptsio Gpt-store-Nav