How Hackers Hack Online Resume Builders
Автор: Motasem Hamdan
Загружено: 2025-05-23
Просмотров: 363
Описание:
This video is a detailed cybersecurity demonstration showing how attackers can exploit insecure online resume builders. It explains how vulnerabilities like Local File Inclusion (LFI) allow hackers to access sensitive server files through seemingly innocent features like PDF export. This video uses HackTheBox Heal Machine for demonstration purposes.
****
Receive Cyber Security Field, Certifications Notes and Special Training Videos
https://buymeacoffee.com/notescatalog...
Writeup
https://motasem-notes.net/hackthebox-...
******
Store
https://buymeacoffee.com/notescatalog...
Patreon
/ motasemhamdan
Instagram
/ motasem.hamdan.official
LinkedIn
[1]: / motasem-hamdan-7673289b
[2]: / motasem-eldad-ha-bb42481b2
Twitter
/ manmotasem
Facebook
/ motasemhamdantty
TikTok
/ motasemhamdan0
***
00:00 - Intro: How Hackers Exploit Resume Builders
00:35 - Using a Demo Scenario
00:47 - Resume Download Vulnerability Explained
01:06 - Local File Inclusion (LFI) Overview
01:48 - Exploiting LFI to Access Sensitive Files
02:57 - Demo: Building a Resume on a Vulnerable Platform
03:59 - Exporting Resume via Burp Suite Interception
04:22 - Manipulating File Name Parameters
05:44 - Accessing /etc/passwd File
06:24 - Identifying the Root Cause in API Host
06:49 - Additional File Exposure: /etc/hosts
07:22 - Investigating the API Server (Ruby on Rails)
08:02 - Attempting to Access Configuration Files
08:54 - Extracting SQLite Database Credentials
09:50 - Exploring Database Contents
10:35 - Cracking Password Hashes with Hashcat
Повторяем попытку...
Доступные форматы для скачивания:
Скачать видео
-
Информация по загрузке: