To do file enumeration with the sql injection you could have used the option --common-file and pass it a wordlist then use --file-read= to read the file all with sqlmap. Great video :)

Waiting for insane release,but kudos to your dedication !

This is pure gold! Thank you!

Cool. This was very dynamic. Amazing. ❤️

I’m on my 5th day of watching this this is a strenuous video 🤯 but I love it

Thanks for such a nice content . Please try to make some videos other than ctfs so that we can learn some extra things from you Thank you 💗

Ippsec rocks!!! 🙂

Did the box get changed after this video? The writer_web directory isn’t writable for me despite using smbclient and when I finally got in the box I saw that it wasn’t listening on port 8080 at all

When you wanted to crack the hash using john, actually you were right! You needed to add a $ in front of the hash as seen on your google research

Hey ippsec! I have a suggestion if you didn't know about, you can "copy as curl" the request in burp or the network tab in firefox, then convert the curl to a python script by some online tool and you have a python script of the request you've made! :)

fantastic guide thank you!

Thanks for your great videos.

First like first comment love from India ippsec

Great work! I have one doubt, why we are supplying absolute file path to image_url param. Like this file:// . I mean this webserver might alread be running in web root, in that case relative path to file should work.

Does anyone know why sqlmap wont work with a UNION based technique on the login page? It seems to only work with time based blind which is a pain.

instead of running directly john u have to use if john is installed in opt directory then do this /opt/run/john hash.txt - -wordlists=/usr/share/wordlists/rockyou.txt this will load the hash file idk why but this works for me instead of running john directly

Instead of these regex, that might be buggy in some situations, and on top of that aren't super easy to construct... Why don't you use xpath expressions to select your data from the html?

Can we get a log4j video? Maybe you exploiting the vulnerability?

Got it

this is lab very very hard

Why are your views going down....

great but One video a week is not enough