HackTheBox RegistryTwo

IppSec

Подписаться 249 тыс.

Просмотров 12 тыс.

50% 1

Видео Поделиться Скачать Добавить в

Опубликовано:

29 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 34

@spandexvortex1097 7 месяцев назад

I think the reason you're getting the file content when you do 'ls' @1:34:00 is because of missing break statements for each 'case' condition. In Java, it's required to add the break statement after each 'case' condition ends, otherwise, it'll continue until it finds a break or until the default case.

@ippsec 7 месяцев назад

Ah. Thanks! Yup that would explain it.

@AUBCodeII 8 месяцев назад

Ipp, you have a smooth brain. No ridges or lumps, or valleys or bumps; all ideas slide right off, like a waterslide!

@NicolastheThird-h6m 7 месяцев назад

Practice over years makes us think like a robot.

@AUBCodeII 7 месяцев назад

@@NicolastheThird-h6m Smooth brain is actually good, because: * Smooth * No wrinkles * Cute * Can't think = no sad

@dadamnmayne 7 месяцев назад

The benefit of this format is not only do you get a walkthrough but you might get a vim tip or a tip to convert your burp suite repeater data to a curl command.

@dadamnmayne 7 месяцев назад

i like when machine creators lead you to either a id_rsa or a password. that way, in practice, you can jump straight to lateral movement or priv esc if desired, especially on insane machine. its like a checkpoint.

@apkanalyze3623 7 месяцев назад

That sneaky video was the good one :) I'm still smiling when I recall you reading the entire 'Total number of IPv6.' aaah good old days.

@ihavelowiq2723 7 месяцев назад

this is a simple request from a beginner. can u add beyond root part to every video. even thought they are easy box nothing crazy to show, can u route us through the box, showing how the site is hosted, how the inside is working, what are the main points we need to check, how the box creator has done things using crons like that. thank you. i always amazed by ur knowledge

@miroslavmetodiev8915 7 месяцев назад

23:41 You can undo an accidental tab close with ctrl+shift+T Thanks for being awesome! ❤

@eyezikandexploits 7 месяцев назад

This box was a struggle for me

@tg7943 7 месяцев назад

Push!

@BenasserAitLhajLahcen 8 месяцев назад

Greeting From Morocco

@abdelhay. 8 месяцев назад

Mgharba everywhere

@abdelhay. 8 месяцев назад

Mgharba everywhere

@BenasserAitLhajLahcen 7 месяцев назад

@@abdelhay.Wayih

@Y4riss 7 месяцев назад

hhhhh

@noctavel 7 месяцев назад

Question: Why did you use http to transfer files from your host to victim but used nc the other way around (twice)? any specific reason or just your standard flow?

@ippsec 7 месяцев назад

Habit - Generally speaking when doing offensive work, your target will be behind a NAT. So standing up a listener won't help much as there isn't the port forward (PAT) setup to access the webserver from the outside. On the attacking side, you have control of the router, or are you just are on a routable IP Address, so you can stand up a webserver.

@notTh3Mag1c1an 7 месяцев назад

is the volume a little lower or is it just to me?

@ippsec 7 месяцев назад

Very well could be -- Something changed my volume settings before recording this video. Think Zoom maxed out my microphone and I had to find out the right settings.

@notTh3Mag1c1an 7 месяцев назад

@@ippsec No worries Man, I increased the volume. We all good, it wasnt that low.

@vijayvj3976 7 месяцев назад

Out of the box thinking 💯

@b14cky30 8 месяцев назад

I have one simple question: which technique should we apply for exploiting the machine after lots of enumeration? 1. Breadth First Search (Horizontally Proceed) - Means First of try all thing as surface level for initial foothold 2. Depth First Search (Vertically Proceed) - Means First Take one thing and deep dive into it and then another one.