Hack The Box Haystack

00:54 Begin of Recon find Elastic Search on 9200 02:00 Checking the exif data in the image, nothing interesting, but showing FF changes some metadata when downloading (foresnic tip) 03:55 Navigating to port 9200 and seeing the Elastic Search JSON Response 04:48 Searching Elastic Search Documentation to see how to make queries 06:00 Using, cat, indices to see the tables withing ES 07:37 Using, quotes, search to dump the Quotes indicy, then using jq to extract desired data 13:20 Lets switch over to Python to extract this data so we can translate this into English 17:00 Installing googletrans, so our script can translate this. Using python3 cli to test this out 20:10 Adding googletrans to our script 21:10 Running our script to translate everything and then using grep to find the needle 22:50 SSH ing to the box with the security user 24:00 Running LinEnum, noticing kibana listening on 5601 28:15 Creating a Local Port forwar