Ippsec, thanks so much for the content you keep releasing. I started pentesting about 6 months ago as a complete beginner. I watched how you tackled each box, and right now I've done about 9 boxes that are active in Hack The Box. Thanks, sir, you always motivate beginner pentesters like me.
Hello Ian. How much did you know prior to starting pentesting? Did you know anything on security? Sys admin? Any other CS-related fields? Do you have a degree in CS? I am asking because I very much admire IppSec's videos and I often find myself wondering how much work it would take for me to learn it all.
@Cullinan000 I had no background in cybersecurity. I was just looking for walkthroughs on HackTheBox machines on YouTube and came across ippsec's channel. I started watching his easy boxes, and later I advanced to the more difficult ones. That's now been over a year and a half, and it worked for me. I've published a few exploits on exploitdb, and right now I've solved over 30 boxes. Watching his videos is a gain for sure. Can't wait for the one being released tomorrow 💪💪
I played with this box a lot to get root (this was my first box) and finally I gave up on it, because I was totally stuck at that journalctl point. Now I understand, thanks for showing and explaining how things work :)
Using find, grep & md5sum at 50:27 was interesting, but for me a much simpler approach would be `diff -r 196-src-dir 197-src-dir`. Love your videos. Amazing work. So much great content.
38:08 When I removed the pipe after the sudo command the journalctl would not go into Less, but just finish. A lot of people had that. The trick was to make the terminal smaller than 5 lines, then it would stay in Less. What could it be that Ippsec didn't have to do this?
I actually attempted the command and got root without having to resize, because I like to keep the terminal mid-sized and vertical. But I agree with you, it should be less than 5 as it says in the command n5. However, if you try going 4 or 3 it won't work, only 2 and 1, which is weird.
Thanks for this, I was going insane trying to figure out why in the world mine was just dumping me to the terminal. Any idea why resizing the terminal made a difference?
@ippsec Question, the manpage of nc says the following: "-l, It is an error to use this option in conjunction with the -p, -s, or -z options." Same goes for: "-p source_port Specifies the source port nc should use, subject to privilege restrictions and availability. It is an error to use this option in conjunction with the -l option." Was just wondering why you use nc with -lvnp, which I am doing as well since watching your videos. Thanks!
I need your advice. I am interested in this, but what you are using is Kali. It was fine with me till the last update; when I installed it on my Mac the wifi was not working. I tried a couple of methods and nothing worked. The question here: can I use Ubuntu for what you are showing in your video? Is there a big difference if I use the tools on Ubuntu, or do you recommend Arch because Kali is not working?
As always, great explanation. A simple note: if you want to run LinEnum in thorough mode, you don't need to edit the script, just enable the '-t' flag :)
OMG! Can anybody tell me why this happens? When I run this command, "/usr/bin/sudo /usr/bin/journalctl -n5 -unostromo.service", in a full-screen terminal it gives me an error (which is that it just "cat"s it and does not run it in "less")... But when I use a small terminal window and run the exact same command, it runs in "less" and I get to root. Why is this weird stuff happening?
I believe if your term window can support all of the data the journalctl provides, you exit gracefully from less and journalctl. Gaining a shell will work on your Kali machine as well... `# sudo journalctl -xe` followed by `!/bin/sh`...
@toddjacobsen6492 Yes, actually gaining a shell on my Kali works. But when I run the command as the david user in a full-screen terminal it doesn't work, except when I run the command as the david user in a small window, then it works!
@evildead7845, the functionality/output of journalctl is the same on your Kali box... if the log messages are less than the term window rows, journalctl exits gracefully without less.
For finding directories or files in directories with only execute permissions (only works if we know the name of the file/directory): `find / -type d -perm -a+x 2>/dev/null | while read LINE; do ls -al "$LINE/public_www"; done 2>/dev/null` Does not output the absolute path. I don't know how to do that. Let me know if anybody knows...
@ippsec Last part is bullshit cause for some reason and for some users journalctl will just cat instead of using less. So for this to work you had to know that journalctl doesn't less unless you have enough space on your screen. Log file was tampered with and didn't display as many lines as you did, that's why it didn't work for me the first time.