HTB - Pilgrimage Writeup

This page summarizes the projects mentioned and recommended in the original post on dev.to
Misc/Other Image Git Data Analysis Imagemagick

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • git-dumper

    A tool to dump a git repository from a website

    • Now we know for sure there is a /.git/ folder on the server. Now we can use a tool like Git dumperto extract all of the information from the git folder on to our own machine and take a look at the source code.

  • CVE-2022-44268

    A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read

    • ARBITRARY REMOTE LEAK with CVE-2022-44268

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • ImageMagick

    🧙‍♂️ ImageMagick 7

  • binwalk

    Firmware Analysis Tool

  • CyberChef

    The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

    • When we did cargo run "/etc/passwd" on the file we got an image with code injected into it. When we upload it to the server and download the "shrunken" version of it we can run identify -verbose {image} to get the outputting hex values of our input. Inputting it to something like CyberChef and converting it from hex to ascii we get this output:

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts