HackTheBox - SneakyMailer

Рет қаралды 19,897

IppSec

Күн бұрын

Пікірлер: 58

@shellbr3ak443 3 жыл бұрын

The Extra part of the video is AWESOME, can't thank you enough for these amazing videos.

@timkatsapas 3 жыл бұрын

That stupid pypi package tripped me up. I was trying to reverse shell but kept having syntax errors. *TRY HARDER* . Thanks for the awesome video. Damn you are fast at enumeration, sheesh.

@mrd7901 3 жыл бұрын

Saturday means IPPSEC videos ❤️❤️, lots of love sir ❤️❤️😍😍😍

@veritatas678 3 жыл бұрын

That php webserver part at the ned was really helpful

@oriel360 3 жыл бұрын

love your vid and explanation, keep up the good work

@Deaple 3 жыл бұрын

Wow this last tip to use apache's http thread for enumeration blew my mind

@mehmetux4186 3 жыл бұрын

nice tutorial again. thank you ippsecc. sometimes I also make writing mistake but I can't find my mistake quickly.

@jessee_jonessss 3 жыл бұрын

I have been waiting for another video for sometime now. Thank You

@0xtz_ 3 жыл бұрын

The first , amazing 😉

@AhmedAbdullah-pp2mp 3 жыл бұрын

سبقتني lmao

@0xtz_ 3 жыл бұрын

@@AhmedAbdullah-pp2mp hhh

@techlegoblocks62 3 жыл бұрын

Great video, why you mentioned you dont crack in the same box / VM? just curious on best practice on this, sounds interesting to set up a box only for this, got a spare Pi :)

@ippsec 3 жыл бұрын

Cracking can be very cpu/gpu intensive. You want it to work as fast as possible. Doing it on the machine you are doing other things slows it down. Pics aren’t good for this because they aren’t that powerful

@techlegoblocks62 3 жыл бұрын

@@ippsec awesome gave me an excuse to set up.something new. Each video is a library of knowledge, thanks!

@celikom 3 жыл бұрын

Awesome !!!

@j4ck_d4niels 3 жыл бұрын

Sat night with ippsec, always fun :)

@nikohegeheiskanen 3 жыл бұрын

Man i went full telnet on this box :D made a python script to send all the mail using pwn tools and manually checked the mail with telnet too :D

@highlightchannel7845 3 жыл бұрын

Voice of a legend

@ninostephen 3 жыл бұрын

The thing with thunderbird is that it sometimes fails to determine the correct configuration values while setting up the account. It's usually DNS. Could be others too. The solution would be to manually set the values. By values I mean the port, server hostname, ssl and stuff. Setting it to the non-ssl values would resolve the issue 🙂🙃.

@omran.alshehabi 3 жыл бұрын

Learned a lot as usual, thx

@azelbane87 3 жыл бұрын

Awsome

@magbenyo 3 жыл бұрын

i have been waiting

@JuanBotes 3 жыл бұрын

Thanks IppSec

@gauravpurswani6671 3 жыл бұрын

I think instead of using some tool for ftp-user-enum we can just create a 5 line python script, with socket programming and if else statement. Please Let me know if I'm wrong. Thanks for making such amazing videos. The way you explain things is 🔥🔥, I have learned a lot from your videos...

@ippsec 3 жыл бұрын

Yes. I believe I mention you can do that, the purpose was not to show how to code the entire enumeration piece yourself. It was showing how to put some middleware together in order to use existing tools in unintended ways. Which greatly speeds up the time it takes to fuzz simple things. I think most people try things like you mentioned and write the perfect script. However, when working against a clock this isn't always the best way.

@gauravpurswani6671 3 жыл бұрын

sorry maybe I was not attentive in the part when you were talking about the script, I will go through the video again. Trying the tools to use the way in which they are not intended, to achieve something else, sounds supercool. I will start doing things in that way. Thanks for replying!😄

@aminhatami3928 3 жыл бұрын

TNX.❤❤

@Sleep-travel 3 жыл бұрын

Love from India 😍😍

@williamwambua7710 3 жыл бұрын

You should most definitely make a tutorial video for us dummies!!!

@LoayMatar 2 жыл бұрын

I still don't understand how a user clicked on the link... obviously there aren't real users, so how did he get a click on the link in the phishing email?

@Max-mz3is 3 жыл бұрын

24:39 Port 465 smtps is closed, How were able to connect via 465, it should be default 25?

@LoayMatar 2 жыл бұрын

So that means that it was probably wasn't closed, it just didn't show up in the nmap scan because the scan was for the top 1000 ports, so maybe 465 wasn't in the top 1000 port. Maybe if he did -p- to scan all ports it would have showed up.

@Socversity 3 жыл бұрын

It’s awesome. But why don’t you create course on it? For example, make a video on smtp, explain, why it’s important. What kind of things we should look for, what are common misconfigurations in smtp. Honestly, it would be appreciated. If you can start a short series on each service which can be exploitable. Thanks

@ippsec 3 жыл бұрын

Go to the HackTheBox academy for that type of stuff. academy.hackthebox.eu

@Socversity 3 жыл бұрын

@@ippsec thanks, but I couldn’t find such kind of stuff.

@ippsec 3 жыл бұрын

Nothing SMTP but that is where you can find it when/if I do create it.

@Socversity 3 жыл бұрын

@@ippsec thanks, appreciated 👍👍

@MaximusHyde 3 жыл бұрын

isn't ippsec doing enough for you already?

@mossyhorn2147 3 жыл бұрын

@IppSec why don't you like cracking on a VM or your host computer??

@kathib2571 3 жыл бұрын

does watching this help to gain better IT-skills to get a sysadmin-job or else? or would it be wiser to watch something else?

@CJ-rt8zy 3 жыл бұрын

nope

@kathib2571 3 жыл бұрын

@@CJ-rt8zy something else?

@abdosama 3 жыл бұрын

FYI The password you got "soufianeelhaloui" is a moroccan nameand last name :)

@ahmadhama2491 3 жыл бұрын

3:40 "it looks like we have Nginx running on php" LOL thanks ippsec for the great video again

@kret63 3 жыл бұрын

That was sneaky :)

@GabrielHenrique-yl3jc 3 жыл бұрын

What is your operating system? What is your operating system theme?

@mhamadyahya1 3 жыл бұрын

What operating system you use? Parrot or kali linux?

@element-1254 3 жыл бұрын

In this video he is using ParrotOS.

@vonniehudson 3 жыл бұрын

Expert use of man pages

@SaurabhMeherX 3 жыл бұрын

Can someone please tell me why do we add the url to /etc/hosts file

@ippsec 3 жыл бұрын

Look up Virtual Host Routing, it’s just a way for a webserver to identify the site your going to

@nikohegeheiskanen 3 жыл бұрын

Also look into how dns works 👍

@Zygorg 3 жыл бұрын

23:10 port 443=993?

@elchinefa9524 3 жыл бұрын

he confused with https but 993 is ok it is for smtp ssl/tsl if i do not make mistake.

@GC-qe8vc 3 жыл бұрын

Ippsec your content is great, but try slowing down a bit! You are missing obvious error messages in your effort to type and click as fast as possible. There's a false impression out there that 'good hackers type 300 wpm and never look at a GUI window for more than 50ms' but that's in Hollywood not in real life. Anyway, thanks anyway...