https://stream.echo6.co/videos/watch/645f5312-cb6e-461f-b2fa-0a3645d91bb8 00:00 - Introduction 00:45 - Start of nmap 04:00 - Viewing the Flask Cookie with Flask-Unsign 07:30 - Discovering the Report Bug endpoint which is vulnerable to XSS and HTTP Only is false allowing us to steal cookies 08:15 - Another way to discover XSS, look at JavaScript in PageSource which leaks a lot of information 12:40 - Stealing the session cookie with img src xss payload 15:55 - Finding a File Disclosure then leaking the application source code 18:40 - Using Curl to download all the source code, making it easier to do source code analysis 24:00 - Using OpenGrep to locally run a basic static code analysis on the app 28:20 - Abusing the Command Injection to get a shell 32:50 - Discovering an AES Encrypted zip, copying it to our box then cracking with aescrypt2hashcat 37:30 - Using pyAesCrypt to decrypt the file 40:20 - Exploiting the custom binary Charcol Mon, 13 Apr 2026 16:44:22 GMT https://validator.w3.org/feed/docs/rss2.html PeerTube - https://stream.echo6.co https://stream.echo6.co/client/assets/images/icons/icon-512x512.png https://stream.echo6.co/videos/watch/645f5312-cb6e-461f-b2fa-0a3645d91bb8 All rights reserved, unless otherwise specified in the terms specified at https://stream.echo6.co/about and potential licenses granted by each content's rightholder.