00:00 - Introduction
00:50 - Start of nmap
02:00 - Taking look at the web application and fingerprinting the framework
03:50 - Using Jadx to decompile the APK File, then using grep to look for domains and discovering swagger
08:15 - Looking at the source code of the APK File and finding a hard-coded secret that allows us to make API Requests
10:30 - Finding a File Disclosure vulnerability in the Read Log functionality, grabbing a ssh key and logging in
14:30 - Looking at how apache is configured, which will show us where the webapp is. Then dumping the database
19:30 - Using Hashcat to crack Werkzeug hashes
23:00 - Taking a look at Solar-Putty in /opt/backups and cracking its config file
Support the originator by clicking the read the rest link below.
