HackTheBox - Bitlab

01:05 - Beginning of recon
01:58 - Taking a look at the webserver and seeing a GitLab sign-in page
02:53 - Using wget and exiftool to check metadata on files on the server to see when stuff was uploaded
04:00 - Running gobuster, explaining why we need the Wildcard flag on this box for this tool to work
05:50 - Finding the /help directory, which has some JavaScript that contains the password to GitLab
10:28 - Logging into GitLab with creds from the
11:11 - Showing how to do gobuster with a cookie (gets past the wildcard issue earlier in the video)
13:20 - Looking at snippets to see a PostgreSQL password
14:10 - Looking at Git commit history of various files to see there’s a post hook to upload merges to a webserver
16:10 - Creating a new branch on Profile, adding a webshell, then merging it to trigger it to be uploaded to the server
19:10 - CMD PHP shell is on the server, let's get a reverse shell.
20:05 - Reverse shell returned, setting up a proper pty with rows and