This video was sponsored by Hexway. Check out the Hive platform for free at https://hexway.io/pricing/ Download here: https://hexway.io/wp-content/uploads/install_hive_en-US.run ▶️ YouTube: https://www.youtube.com/c/PinkDraconian ? Patreon: https://www.patreon.com/PinkDraconian ? Twitter: https://twitter.com/PinkDraconian ? TikTok: https://www.tiktok.com/@pinkdraconian ℹ️ LinkedIn: https://www.linkedin.com/in/robbe-van-roey-365666195/ ? Discord: PinkDraconian#9907 ? Instagram: https://www.instagram.com/robbevanroey/ ?️ Website: http://pinkdraconian.d4rkc0de.com/ ?‍? HackTheBox: https://www.hackthebox.eu/home/users/profile/129531 ? Reddit: https://www.reddit.com/user/PinkDraconian ☁️ Steam: https://steamcommunity.com/id/PinkDraconian ? GitHub: https://github.com/PinkDraconian 00:00 Introduction 00:15 NMAP 01:15 Hive platform 05:20 Voting System using PHP SQLi 08:50 Hive creating issue 10:20 SSRF 13:55 Authenticated RCE voting system 18:20 Running WinPEAS 23:00 Exploiting AlwaysInstallElevated 27:30 Hive platform running through features 29:30 Checking out the automatic report generation of Hive ... https://www.youtube.com/watch?v=5DGyGSYxMG4

HackTheBox - Introduction To Binary Exploitation Track Playlist: https://www.youtube.com/playlist?list=PLeSXUd883dhjnFXPf2QA0KnUnJnn9dPWy ▶️ YouTube: https://www.youtube.com/c/PinkDraconian ? Patreon: https://www.patreon.com/PinkDraconian ? Twitter: https://twitter.com/PinkDraconian ? TikTok: https://www.tiktok.com/@pinkdraconian ℹ️ LinkedIn: https://www.linkedin.com/in/robbe-van-roey-365666195/ ? Discord: PinkDraconian#9907 ? Instagram: https://www.instagram.com/robbevanroey/ ?️ Website: http://pinkdraconian.d4rkc0de.com/ ?‍? HackTheBox: https://www.hackthebox.eu/home/users/profile/129531 ? Reddit: https://www.reddit.com/user/PinkDraconian ☁️ Steam: https://steamcommunity.com/id/PinkDraconian ? GitHub: https://github.com/PinkDraconian CTF: HackTheBox Link: https://www.hackthebox.eu/ Category: Pwn Challenge name: HTB Console Difficulty: 4/10 00:00 Introduction 00:30 Checking out the binary 01:30 Opening in Ghidra 02:40 Finding the buffer overflow 03:30 Getting offset to RIP to know how much padding we need 05:00 Looking for bad function/instruction we can use in a ROP using objdump 06:50 We need to pass an argument using RDI, so we need a ROP chain 11:00 Finding a way to get a string in memory that we have a pointer to ... https://www.youtube.com/watch?v=BQOInyDjfV0

DISCLAIMER: A small mistake was made when showing how to crack the rar. A '=' should be included between '--wordlist' and 'path/to/rockyou.txt'! CTF: BambooFox CTF Link: https://ctf.bamboofox.cs.nctu.edu.tw CTFTime link: https://ctftime.org/event/953 Category: Misc Challenge name: I can't see you! Description: Can you know me? (all capital letters) Difficulty: 2/10 Github with artefacts: https://github.com/PinkDraconian/CTF/tree/master/BambooFox%20CTF/Misc/I%20can't%20see%20you! ... https://www.youtube.com/watch?v=sztKrWogFLg

CTF: AUCTF CTF Link: https://ctf.auburn.edu/ CTFTime link: https://ctftime.org/event/1020 Category: Pwn Challenge name: Thanksgiving Dinner Description: I just ate a huge dinner. I can barley eat anymore... so please don't give me too much! nc challenges.auctf.com 30011 Note: ASLR is disabled for this challenge Difficulty: 4/10 Github with artefacts: https://github.com/PinkDraconian/CTF/tree/master/AUCTF/Thanksgiving%20Dinner ... https://www.youtube.com/watch?v=-sdAjeTYJSA