HackTheBox - Bolt
00:00 - Intro
00:50 - Start of nmap
01:50 - Examining the SSL Certificate to find alternative names
02:30 - Discovering PassBolt, but looks like we need an email to login to passbolt
04:10 - Checking the and finding a link to download a custom docker image
06:30 - Extracting the docker image and viewing the docker layers
08:00 - Showing off “Dive“ which is a tool to navigate docker images
08:50 - Showing my initial process at analyzing this with a little bash-fu
10:50 - Creating a bash loop to print every file
11:50 - Viewing , and history files by decompressing the layers they are in
14:20 - Viewing information in the SQL Lite Database and grabbing a password hash
17:00 - Logging into the web app
21:00 - Extracting all of the layers so we can view the source code
23:30 - ash_history is now empty, which shows there were multiple versions of this file
25:00 - Viewing different versions of in the docker layers
27:30 - Exrtacting
3 months ago 00:10:23 1
6 months ago 00:00:00 1
7 months ago 00:04:06 1
8 months ago 00:32:44 18
8 months ago 00:34:38 2
8 months ago 01:27:34 5
8 months ago 00:37:18 6
8 months ago 00:41:25 5
8 months ago 01:46:13 2
8 months ago 01:12:42 4
8 months ago 00:26:29 1
8 months ago 02:06:46 2
8 months ago 00:54:43 11
8 months ago 02:05:30 1
8 months ago 00:33:44 1
9 months ago 00:27:16 1
9 months ago 00:30:39 1
9 months ago 11:21:04 1
11 months ago 05:30:24 3
11 months ago 01:02:06 16
11 months ago 00:16:21 18
11 months ago 02:09:39 15
12 months ago 00:29:19 2
1 year ago 00:39:17 7
