01:05 - Beginning of recon
01:58 - Taking a look at the webserver and seeing a GitLab sign-in page
02:53 - Using wget and exiftool to check metadata on files on the server to see when stuff was uploaded
04:00 - Running gobuster, explaining why we need the Wildcard flag on this box for this tool to work
05:50 - Finding the /help directory which has some JavaScript that contains the password to GitLab
10:28 - Logging into GitLab with creds from the
11:11 - Showing how to do GoBuster with a cookie (gets past the wildcard issue earlier in the video)
13:20 - Looking at snippets to see a PostgreSQL password
14:10 - Looking at Git Commit History of various files to see there’s a post hook to upload merges to a webserver
16:10 - Creating a New Branch on Profile, adding a webshell, then merging it to trigger it to be uploaded to the server
19:10 - CMD PHP shell is on the server, let's get a reverse shell.
20:05 - Reverse shell returned, setting up a proper pty with rows and