HackTheBox - Pit
Рет қаралды 21,777
Күн бұрын
@900dm4n 3 жыл бұрын
Thank you for everything. I have been watching you since the Popcorn video, at that time I didn’t know nothing about what you are doing, it just the terminal and your voice that got me excited to watch. Now with a basic knowledge & a proper google account, I can spend hours after hours rewatching your videos. I have hug respect for you man!
@900dm4n 3 жыл бұрын
@Jonsn0w Gaming about 4 years ago I didn’t have an account. I just watched YT without signing in. I was really kind of noob back then, just know basic stuff about computer, but I do love when someone working on a terminal, and ippsec is the one who I decided to watch.
@900dm4n 3 жыл бұрын
@Jonsn0w Gaming English is not my native language, sorry if I make any misunderstanding
@900dm4n 3 жыл бұрын
@Jonsn0w Gaming At first I really interested in hacking, because of the movie “The Matrix”. But at that time I just thought hacking was like open a terminal and type. When I watch his Popcorn walkthrough, I did ask my uncle and he said it’s legit the linux command he was typing. So I keep watching his videos, until now I decided to jump into info sec. Tough start but really happy when I can finally understand and learn from him.
@ippsec 3 жыл бұрын
Thanks for the comment! Glad you enjoy the videos
@kouroshrajabzadeh4176 3 жыл бұрын
Thanks for the great explanation. Looks like those '403 forbiddens' in gobuster were because of some blacklist keywords like 'conf' and their appearances: 'wp-config', 'conf', 'confirmation' and etc ...
@arthurwestcott5437 3 жыл бұрын
Been going down too many rabbit holes recently on HTB machines. Creators are being more devious - or just more lucky!
@buhaytza2005 3 жыл бұрын
Thinking back to your video about OMIGod and auditd, seems like SELinux would be great in terms of limiting some of the actions that auditd only records. Thanks for the video
@lalithkumar2687 3 жыл бұрын
@IppSec May I know what are u using i mean vmware or virtualbox or dualboot ?
@x.plorer 3 жыл бұрын
Please make a detailed video on SNMP enumeration :) Great video as always!!
@ippsec 3 жыл бұрын
I'm really not a fan at the "targeted learning", or all the people that try to build the "perfect workflow". The amount of information you can get out of SNMP is endless, it's better to just understand the basics of how it works and go with the flow. In this case it was along the lines of "I really wish i knew some HTML Directories... lets grep our notes and hope for the best". A course would say the information could be in there, and you'd feel good completing a lab to say yes i got this information out of snmp before. However, a year or two down the line you forget all about it and its worthless. It's the difference between learning how to fish, and learning how to catch catfish. One is more versatile and will work in a large number of places... Whereas the other is fish and probably location dependent.
@x.plorer 3 жыл бұрын
@@ippsec Yes, understood what you want to convey. Thanks for pointing me in right direction.
@thilosavage 2 жыл бұрын
Was sqlmap not attempted because any injection vulnerability would have already been documented in searchsploit?
@azelbane87 3 жыл бұрын
After 4and+ months away from my kali&computers in general, there is NO other BETTER WAY of getting back and watching 1 of your walkthroughs! Outstanding video as usual, excellent explanation of the SELinux stuff! Absolutely OWSOME!!! Better than an orgasm! 😂👌🏿👍🏿🤣👏🏿👏🏿
@InfectedKnife 3 жыл бұрын
Hello ippsec, I’d like to buy a laptop mostly to do things like you do. I have a budget of around 2k, what would be a viable laptop and what specs should I mostly look for? And what kind of laptop do you use?
@ippsec 3 жыл бұрын
I haven’t used a laptop in a year, and that laptop is 7+years. I’m not the one that can answer this, sorry
@InfectedKnife 3 жыл бұрын
@@ippsec alright, thank you.
@julianopl 3 жыл бұрын
Woot what a class about selinux!!! Thanks a lot!!!
@passerby184 3 жыл бұрын
using htaccess for seeddms doesn't feel right. are they only support appache and ctf author manually installed on nginx or lazy devs left a hole?
@marsanmarsipan 3 жыл бұрын
Your VM has the hostname of omigod still.. Not a big deal, but maybe change so the viewers dont get confused?
@WithoutRemorce 3 жыл бұрын
Please never stop with the video making!
@cpb42 2 жыл бұрын
I think the issue with ssh keys not working was either an selinux flag missing from /home/michelle/.ssh or due to the permissions on /home/michelle/.ssh not being 0700 / too open. Testing with the mode shown (0775) denies access when logging into a test system.
@aaryanbhagat4852 3 жыл бұрын
Why you created list with just 4 random strings as your bruteforcing list? This case is lucky as here the username matches with the password.
@ippsec 3 жыл бұрын
It was demoing a relatively successful way to bruteforce. Make it easy on yourself so if you find other usernames, can quickly try it.
@hadrian3689 3 жыл бұрын
Snmpwalk wasn’t showing me the seeddms when I was first working this box but the Perl script of snmpbw did. I still can’t figure out why. I wonder if anyone else had the same issue. Anyway, thanks for the video!
@ippsec 3 жыл бұрын
You may need the period at the end to crawl all
@hadrian3689 3 жыл бұрын
@@ippsec Oh yea, I just reviewed my notes and saw that I was in fact missing the period. Thanks! Not good enough recon after all
@maxrand6611 3 жыл бұрын
I had the same issue. I was missing the .1 ;(
@protito 3 жыл бұрын
omg it was the . :'''(
@djawedbenahmed208 3 жыл бұрын
same
@xking18 3 жыл бұрын
ssh key did not work as ~michelle/.ssh was group writeable...
@ippsec 3 жыл бұрын
Thanks I always fuck up with the perms there
@tharuneshwarv1582 3 жыл бұрын
@IppSec why are we running snmpwalk 2nd time at 50:52
@aaryanbhagat4852 3 жыл бұрын
The reply to comment by Bernd Eckenfels.
@yamunaudayanthi3266 3 жыл бұрын
Great video...❤️ Thank you...😌
@susnoname 2 жыл бұрын
Thanks!
@George-pv1lq 2 жыл бұрын
20:09 maybe you should have tried -z range,0-30 ?
@lllep84 3 жыл бұрын
Good job! Thx!
@ericka.montanez6821 3 жыл бұрын
I'm enjoying your videos a lot! It has really helped me speed up my learning process and I'm loving it! How can I donate? I'd love to buy you a coffee 😁
@davehans9262 3 жыл бұрын
loved ur video before i even opened it..
@sand3epyadav 3 жыл бұрын
Ippsec sir! So cute.
@Ms.Robot. 3 жыл бұрын
Thanks❤️
@ippsec 3 жыл бұрын
Thanks for all the comments! A few more months and you'll have been watching for two years.
@sahal9236 3 жыл бұрын
Please do a KZbin live on hack the box machine♥️
@luf832 3 жыл бұрын
came here from lucid
@berndeckenfels 3 жыл бұрын
Instead of snmpwalk to retrigger within 5mins, use snmpget with the oid instead
@ippsec 3 жыл бұрын
I show that at the end of the video
@mounir7320 3 жыл бұрын
First comment
@subh0x 3 жыл бұрын
probably for the first time ippsec disclosed a flag , lmao
@Penguin-org 3 жыл бұрын
already rooted
@pepemunic3661 3 жыл бұрын
Really good box! TY!
Аминка Витаминка
Рет қаралды 3,8 МЛН