Learning to go beyond root from your last presentation. I forget to add a user to get back into the system post exploitation. I’ll try doing that next machine. Thanks for the video. Really interesting. 🎉
@pierrer491
Жыл бұрын
It looks like smbclient requests by default WORKGROUP\guest : a non valid user whereas CME resolve Ip and try to login with OUTDATED.HTB\guest a valid ones. Always try several tools, a good lesson you teach us!!
@JavierCorpusPrieto
Жыл бұрын
I couldn’t solve this box when I tried it. Thanks for these videos; you went the extra mile. 👏👏👏
@zoes17
Жыл бұрын
`dir /ah` is the command you were looking for on Windows to show hidden files. The switch is /a for attribute and the h is hidden. I think /as is for system files. It seems the /a switch also accepts an optional : for /a:h also meaning hidden files. Furthermore, it accepts a - as a negation character(e.g. dir /a-s for won't show system files)
@kdnowlq
3 ай бұрын
Thank you!
@pswalia2u
Жыл бұрын
Amazing as always ❤
@thepioneer517
Жыл бұрын
thanks! that's really cool stuff and i learned a lot.
@cdrom
Жыл бұрын
You need the first 4096 bytes to bypass the code requirement to authorize the session
@WyldeZk
Жыл бұрын
On 42:30 generally when I’m using evil-winrm I like to use builtin upload/download feature that allows file transfer in both direction very easily (tab completion available)
@ippsec
Жыл бұрын
I have used it in the past but it can be extremely slow. I want to say it’s converting to base64 then echoing it in chunk by chunk. But have never looked into it.
@RIKI-tf5bj
Жыл бұрын
IppSec, will you ever do a Fortress, Endgame or Pro Lab on HTB? That would be very interesting to watch :))
@cndninja6528
Жыл бұрын
IppSec Rocks !
@tg7943
Жыл бұрын
Push!
@0xwxe663
Жыл бұрын
I just started using htb I might check this out later cool contents
@lixiao4259
Жыл бұрын
Is it possible to use krbrelayup to do Priv-Esc after getting a reverse shell with domain users on domain computers?
@ippsec
Жыл бұрын
Probably on this machine but it was patched a couple months ago, so won’t work on DC’s going forward
@user-vu4tf3eb9l
Жыл бұрын
I am lost at where does the IER(New-Object * command come from?
@element-1254
Жыл бұрын
It's a PowerShell command for downloading a page from HTTP server.
@psymon25
Жыл бұрын
Very similar to an osep lab machine….
@damuffinman6895
Жыл бұрын
Have you done OSEP? Genuinely curious.
@psymon25
Жыл бұрын
@@damuffinman6895 yup passed last year this is very close, if your also considering it i would pay for prolabs and do rasta, cybernetics too ;) to learn bypassing basic security
@damuffinman6895
Жыл бұрын
@@psymon25 Nice! I'm been thinking about doing Dante to start. How hard is cybernetics? Has it translated to real world red teaming? If you've been hired of course.
@aaronflippens2149
Жыл бұрын
I love you ur videos. Also second
@kalidsherefuddin
Жыл бұрын
Howi activated
@simyi8781
Жыл бұрын
nice content ! third comment :)
@Stranger-bm1bf
Жыл бұрын
1st comment
@aldisec2887
Жыл бұрын
On 5:41, it tried to authenticate as WORKGROUP\guest while on 6:01 it tried to authenticate as outdated.htb\guest
@JOJO-no8rb
Жыл бұрын
Ippsec Can you do ctf using ChatGPT? I think it will be great expirience to all of us i mean ("how OpenAI Helps to ctf challenges")
Пікірлер: 29