Really skilled ❤awesome

Thanks! Great explanation! 😀

love your rooms brother. This room and second are the rooms where I have learned the most! Amazing box designer and I cannot wait for your next box!

thanks for the amazing content.

You are amazing! I really enjoyed your writeup!

good explaination but i still have a litlle confusing --> do you know another CTF ' s like this ? having the same idea 's?

there is no lsadump file in the zip file for me

I need to start using Docker, clearly will save me time. thanks for a good video

Such a cool idea for a challenge! Super well put together 👏 also, watching you set up Docker to run pypykatz was super helpful for someone like myself who is beyond useless when it comes to containerization.

Thank you for making it like real hacking. How were Chisel Client and Server created, which were not in Part 1 when you started?

😂🥵😁

It's perfect

It was a very good lecture.

It's a good video. however b = b'C^_M@__DC\\7,' Can you tell what encryption technique was used just by looking at this? xor += chr(b[b_index] ^ ord(pass_key[b_index % len(pass_key)])) Is there a way to infer this?

very very good~~

really nice explaination.. thanks

Great Work sir,,, Thank's a lot for making the machine

Thanks a lot for the challenge, especially for setting up the profile. It helped me learn more about the Linux mem/profiles in volatility. Much appreciated!

Finally a dependable method of installing Volatility. 😅 Awesome challenge

"Promosm"

This is really a hard box. Thank you for this explanation. I also learnt a lot of cool shortcuts just by watching you navigate your system. Love it. Great work

DANG this was a super involved box. I learned a lot, very impressive stuff! 👏

In spanish please

Awesome ❤

thank you for this lesson in sqli :)

Here, here same as @divinedreams5657. Bigger letters would have been great!

So video is so inspirationnal and awesome, like I love the whole content, each step is a delight. I loved the way you continued with generating the SSH keys instead of just going on, that was dope. Great job really, I learnt alot.

Man!!! im still a beginner. I was doing basic stuff and did'nt know it was going to be that hard WOW. I completed the AOC2023 but this challenge got me stuff at the console pin section after running go buster. What new to me is Burp suite. Thank you for the video i give it a bash, i just need to get burp suite. I think the Pentesting and Red teaming is a total new world for me but got start somewhere right :-)

😣began well with finding the SQLi, and SSRF but got blocked on how to do next, cool room, gonna go and take my revenge on it

One of the most enjoyable yet frustrating, but enjoyable (yes I said it twice) challenges I've ever done. Great job putting this together, and to the whole THM team for all the side quests!

Took me 2 days to find the privesc because I didn't notice the 'enable' command. Finally I discovered the '[' executable by running the shell script with 'strace' and grepping for 'execv' calls. You can also grep for 'stat' calls and notice how bash is searching for the '[' executable in the locations specified in the path variable. Awesome challenge, had a lot of fun doing it.

Can you make all 4 walkthroughs?

Awesome. Learned few new things. Thanks man.

It's a nice tutor ... thank you for share, i will try to upload my video based on your way if you don't mind. May be i am to lamme not check on git.

Wooooah, that path hijacking privesc was crazy! 🤯Definitely requires a keen eye. Awesome challenge and walk-through.

how did your console is revealing the your vpn ip can u share the custiomization procedure? Thank

Some Nice content here🔥Really learnt a lot

first payload was "...http:%3a//" so it was two :

you're doing great. keep uploading video.

Very nice video 🤩Thank you for creating this video on my room!

Nice video. Simply adding a reverse shell into .profile is enough to trigger the reverse shell. No need for messing with cat or the path.

13:55 you can just do `| tr -d " "` to remove new lines.

this is legit content deep knowledge thank god I found this. Thank you very much sir

Ez

thank you

i cannot find that ip address

Interesting machine, thanks!

I'm having an issue with the hydra, it tells me it found no password

Thank you for sharing the video. The explanation provided was excellent and it also offered valuable supplementary insights.

wow great video! i just did this box today and rooted it via the online exploit but seeing your video i learned a lot! thx, amazing :)