HackTheBox - Photobomb

00:00 - Intro
01:00 - Start of nmap
02:17 - Discovering this is a Ruby Sinatra web app based on the error message
03:15 - Discovering credentials in JavaScript
04:30 - Examining the HTTP Request to resize images and discovering an RCE
10:10 - Getting a reverse shell
11:12 - Discovering we have SETENV with sudo on a script, checking for path injection
12:30 - Exploiting path injection with the find command
16:00 - Exploiting path injection because the script disables some Bash built-ins
16:45 - Explaining Bash built-ins
