HackTheBox - Sau

23.6K views
Jan 6, 2024
16:21

00:00 - Intro
00:40 - Start of nmap
02:00 - Examining the website, playing with the basket, trying SSTI/SQL injection special characters
04:30 - Looking at the settings, discovering we can perform an SSRF and get the response back. Grabbing localhost:80
06:10 - The local website runs Maltrail 0.53, examining the exploit then manually exploiting it to get a shell
09:10 - Shell returned, checking if we really needed to encode the payload
13:00 - When systemctl runs status, it sends us to less, which we can escape out of and run as root
