the link for the pivot machine asks for login creds i tried setting up an account but didnt found nowhere a account creation login for snaplabs couldu pls help

😂

Lmao good one!

Master life hack 🙌🏼

hahah😂😂

😂😂😂

Hey.. I am also preparing for CPTS.. can you tell me how was the exam

@ it was so good. I really took me the 10 days for the exam. I used every single minute I could until like 15 left. Submitted the report and found out I passed on the first try. It was a lot 😅😅

They let you use tools on the Oscp?

@@Michael_Jackson187 Oh yeah, just not any auto exploit tools. So avoid metasploit framework auto-exploits, sqlmap, but you can still use msfvenom (I faded it for a while and have had a few boxes where I couldn't get any of my reverse shells to work without it

@@Michael_Jackson187Check rules of engagement, some tools amd techmiques are not allowed, like Metasploit attack modules

@@Michael_Jackson187no you have to do the entire OSCP in assembly.

Please pontificate on this subject with some particulars. I am almost finished with my digital forensics cert, and I want to understand all of the practical scenarios I can. TY

Even then, there's usually a jump box or a way to access them or their network from an internal network

Can u explain pls?

Right! Thank you! I know he has more experience than me, but I was like no bueno hombre.

@@pimpnosimpg5416 Certainly! When setting up a DMZ, the goal is to isolate publicly accessible servers from the internal network to enhance security. Typically, servers in a DMZ have interfaces connected to both the external (untrusted) network and the internal (trusted) network. This setup allows external users to access services like web servers or email servers while keeping them separated from sensitive internal resources. However, if servers in a DMZ have interfaces connected to completely different networks, it could indicate a misunderstanding of how to properly configure a DMZ. The purpose of a DMZ is to create a buffer zone between the internet and the internal network, ensuring that any security breaches or attacks targeting public-facing services are contained and don't compromise internal systems. Placing servers with interfaces in different networks within a DMZ could create confusion and potentially undermine the intended security benefits of the DMZ architecture.

So how do you access servers in the DMZ from an internal network?

​@flrn84791 You can't that's the purpose of a DMZ, it should not be accessed from the internal network, unless if you have access to the firewall box that manages the DMZ network.

"I don't often easily pivot to internal networks from the DMZ but when I DO, I *always* fire off nmap scans of the entire /24!"

A really good starting point is: if a machine is in the DMZ you should not add another Network to it (Hosts network in this case). It should not have multiple interfaces attached to other Networks than the DMZ. If the machine has multiple networks attaches no firewall can stop traffic

Its actually an outgoing connection from the dmz. It doesnt need an open port from the outside.

@@Youtupe69 I get that but doesn’t it need ports between the Private and DMZ? At least whatever port it is using for the proxy connection.

​@@rationalbushcraft if you set up your DMZ properly, you are correct, you would seriously limit and restrict access, most likely using an Internal firewall, so that your DMZ can only access the devices and servers it requires access to internally to function and also restrict any outbound traffic to the outside that isnt required. this does not completely remove the risk, it just reduces the scope of the attack and means the attacker may have to "pivot" a few times. Granted they can get the tunnel connected in the first instance.

@@factorialandha5929 I think the issue is that John is selling this as a way to move laterally without explaining further on how DMZs normally work. He says the devices in the DMZ can access the internal network when that's mostly untrue. DMZs are designed to have limited access to the internal network. This might confuse the many newbies watching his channel into thinking that all DMZs have unrestricted internal network access.

​@@factorialandha5929how would I be able to regain access to my wifi security and remove multiple administrators off of my laptop? I've been struggling for four years with all of this, alongside of watching multiple videos on what's up with my sh*t(in my limited free time, I have kiddos) & all I've gotten through it all is headaches, very limited help, & laughed at on countless occasions...I have been reaching out everywhere & end up not getting responses or getting responses & then they disappear...it's definitely someone screwing with my network. I see some of the ports or channels are running interface & actually neighboring networks are as well... I tried the app the one popular app... I see multiple devices upon my Bluetooth same name under & identifying as whole other devices under a different color & or icon. I also have multiples of my one device showing in Google home(I've NEVER used Google home, ever) my kids baby monitor is pairing with random objects too. I live alone with my two little girls & am over all of this! I have little $ & what I've saved, I've put out to hire someone other than my service provider... They just mock me & change all of my info... Wifi name, password, & also made me a whole email address that I've never ever used. Sorry so long, but that's some of my sh*t. Any help would be greatly appreciated! Hope you had a beautiful 4th & hope you are well. I read your comment & you seem knowledgeable so I decided to take a shot & throw this out there. Thinking maybe, someone will reach out. You never know, if ya don't try, right?!?!? If I don't answer you, it's because my comments go missing. Alongside of everything tech wise in my life. It's been 4 years & I'd just like a little peace with it all. Ty for listening... 🫀

Thanks, didn't know that was a module

Thank you! It's a team effort. :)

Gotta fill the time

How was the exam ?

@@BlackwinghacksBlogspot Whooped my ass

Lol exactly the same happened to me, now a few years later I'm working as a pentester. Thanks Jack 🤣

Because MiTM uses self signed cert as well, so if you tell ligolo to accept self-signed cert, there's no way to know if it is the self signed from from the ligolo device, or someone doing MiTM.

@@nekkrokvlt ahh so it’s not a diss on self signed certs in general but only in the way that ligolo gets a hold of its cert. Thanks for the response

If you use a self signed cert AND verify its fingerprint, it’s actually safer than trusting a thirdparty. It’s just less convenient (ligolo could make it more convenient by pasting the fingerprint to accept) so this step is often skipped. However, do you fear you get hacked as a hacker? ,)

Hey quentin, it has been a while since somebody used verbiage that I had to look up on You Tube. Well said, beautiful nomenclature sir. This will be something I will use. Well spoken, if you don't mind, drop some more knowledge. I am thirsty for smart human interaction.

I am just getting to cyber security. After being in the desktop / server support area for a while I recently found my passion for cyber security. I have signed up for some certification exams and found this channel. :)

TikTok User

Dude can't even hack the playback speed 😂

Shut up man

Loll - i love the playback speed comments