HackTheBox - Shocker
If you want some more details about the actual ShellShock exploit, check out the Beep Video.
00:39 - Begin Nmap, OS Enum via SSH/HTTP Banner
05:00 - GoBuster
07:08 - Viewing CGI Script
08:50 - Begin NMAP Shellshock
09:50 - Debugging Nmap HTTP Scripts via Burp
11:10 - Fixing the HTTP Request & nmap script
14:45 - Performing Shellshock & more fixing
18:25 - Getting a reverse shell
21:19 - Running
23:00 - Rooting the box
3 months ago 00:10:23 1
6 months ago 00:00:00 1
7 months ago 00:04:06 1
8 months ago 00:32:44 18
8 months ago 00:34:38 2
8 months ago 01:27:34 5
8 months ago 00:37:18 6
8 months ago 00:41:25 5
8 months ago 01:46:13 2
8 months ago 01:12:42 4
8 months ago 00:26:29 1
8 months ago 02:06:46 2
8 months ago 00:54:43 11
8 months ago 02:05:30 1
8 months ago 00:33:44 1
8 months ago 00:27:16 1
9 months ago 00:30:39 1
9 months ago 11:21:04 1
11 months ago 05:30:24 3
11 months ago 01:02:06 16
11 months ago 00:16:21 18
11 months ago 02:09:39 15
11 months ago 00:29:19 2
1 year ago 00:39:17 7
