HackThebox - Boardlight

Рет қаралды 8,876

Күн бұрын

Пікірлер: 40

@rohitjain6408 Ай бұрын

Thank you, IppSec! 🎉 Boardlight was my first machine. Your walkthrough brings back all the memories of working through it. Appreciate your content as always, it’s been a huge part of my learning journey.

@Stradlverius Ай бұрын

I love when you dig into exploits and walk through WHY it works!

@Myk4my Ай бұрын

Man, I love these analyzes that Ipp does, I learn a lot more this way than just passively watching the video. When he started reading the code in C for example, I paused the video and tried to read it on my own, which reminded me that I love C ANSI. Learning this way is much more fun and productive. One of my favorite videos now.

@rilleygamez3502 Ай бұрын

daaaamn, i just literally pwned this machine yesterday, i was thinking if u gonna upload a vid about it, thanks so much ipp sir❤

@Luismahmutaj Ай бұрын

U created this machine?

@rilleygamez3502 Ай бұрын

@@Luismahmutaj no bro, i said i pwned it yesterday, and its actually a very useful machine.

@Luismahmutaj Ай бұрын

@@rilleygamez3502 ah sorry bro, english is not my first language so sometimes i get confused with the cybersecurity terms

@rilleygamez3502 Ай бұрын

@@Luismahmutaj no problem bro, its fine.

@Ms.Robot. Ай бұрын

I just got my Master's Cyber Ops degree. Thanks for inspiring me to get my degrees. ❤🎉

@Jigsaww64 Ай бұрын

Superb explanations as always IppSec I'd love to hear how you got into the field & how you came to be so knowledgeable

@praisebuka2 Ай бұрын

Nice walkthrough you've got here man

@NatteeSetobol Ай бұрын

I remember this box. I could not get the exploit script to work so I did it manually which was really annoying because it kept deleting everything. I have to remember to stay calm and keep going no matter how annoying or hard it is!

@harisankar1024 Ай бұрын

25:00 both -4000 and -u=s in the find command gives the same output right?

@vinirune Ай бұрын

Yes

@GreatAllen-p4m Ай бұрын

just came to drop a like and a comment will watch later

@jmprcunha Ай бұрын

Tthank You :)

@MustafaGains Ай бұрын

I didn’t run the the priv esc script. First thing came to my mind was SUID binary exploits i list them and i saw that vulnerable SUID to priv escalation.

@user-xg8sd9fl3e Ай бұрын

The php shell i used seemed to block execution and took down the site. I was using a shell that was trying to use a forking function that didn't exist, but curious if you ran into that issue or were you on a private instance?

@theexclusivecorner Ай бұрын

Great content as usual! When I do the vhost scan with gobuster I get a lot of fals positives but you didn't? What did you do differently to just get the sub-domain show and none of the false positive results? I typed the exact same gobuster command? Thank you

@gnuppy 11 күн бұрын

Hope you found an answer by now, but for anybody else wondering, you need to add --append-domain flag

@user-xg8sd9fl3e Ай бұрын

man just got user on this yesterday, didn't realize it was about to be retired -.-

@tg7943 Ай бұрын

Push!

@adhivigneshwarar Ай бұрын

hey guys, I'm stuck in the part where we login to sql . when i try to login and enter the password it just gets stuck there, it's not logging in to sql. I double checked the username and password too. Can anyone help?

@John-f9h Ай бұрын

Show what command you are using

@AUBCodeII Ай бұрын

If you're passing the password as an command argument, then you should put it between single quotes because of the characters "$" and "!"