I see notification, I click, no matter what I'm doing.
@0xFt
1 year ago
Most consistent channel on YT, change my mind.
@beezball38
1 year ago
That stuff with built-in bash stuff was wild! Running [ as a program. Amazing, I love learning something new every single time I watch
@infinit3i
1 year ago
I like how you went over the find and the ability to attack the attributes on the download photos. thank you.
@pr0tagnist
1 year ago
Thanks for the walk through! I had struggled with getting shell on the machine but didn't think to try playing with the request parameters in Burp. This taught me a new technique to try out on this box. Also, the section on SETENV was great. I'll probs need to watch it a couple of times and read up on it to really grasp it.
@souleymaneadellah1176
1 year ago
The builtins part was so interesting. Thanks Ippsec
@Hckr-ei2xj
1 year ago
Thank you for all your work, it really helps
@abdelhamed8359
1 year ago
My friend, can you make a list to explain the ways of thinking about hacking the machine?
@Ms.Robot.
1 year ago
Thank you. As always, the perfect cure. 🤩
@mateensadat2114
1 year ago
Thank you ippsec, I learnt a lot from you...
@MangaGamified
1 year ago
I wonder why YouTube recommended me this 😅
@rsflipflopsn
1 year ago
Nice video as always 👍
@majiri98
1 year ago
Thank you ippsec!
@B4ch4r
1 year ago
Hats off to you Ippsec, I really like your content and appreciate the amount of work and dedication it took you to get to this level. Would you ever just explain your learning path and how you started, etc.?
@sirgravzy5853
1 year ago
Love the video as always however one thing I noticed was your Microphone popping, for future videos please can you turn down the gain ever so slightly? I only have my volume set to half and the pops are quite jarring.
@ippsec
1 year ago
Thanks for the feedback, gain is at the lowest setting. I had to re-install and lost my OBS settings and am having trouble recreating some audio filters I previously had.
@sirgravzy5853
1 year ago
@ippsec I'm no microphone expert so maybe my gain suggestion is irrelevant. Hope you find the right filters eventually. Keep up the great work!
@ippsec
1 year ago
@sirgravzy5853 Hey - I don't have a good way to message you but can you give my RainyDay video a listen and let me know if it's fixed on your end?
@sirgravzy5853
1 year ago
@ippsec Of course, I'll do so in about an hour!
@sirgravzy5853
1 year ago
@ippsec Night and day difference! Sounds better - sounds, 'normal ippsec' if that makes any sense.
@StevenHokins
1 year ago
Thank you for the video
@uscoobyk
1 year ago
Anyone got any learning module/course/reading material about the burpsuite file type part of this video? I got to this bit without watching the video but I don't understand how/why this exploit works.
@lonelyorphan9788
1 year ago
Ippsec rocks! 🙂
@sand3epyadav
1 year ago
Tq for search windows boxes lots of ad and how use jq.. I love or my fave ippsec.
@tg7943
1 year ago
Push!
@3ur3k42
1 year ago
What about the "secure_path"? This is set in the sudoers file, I thought that it would take priority over the path used by the user.
@ippsec
1 year ago
It takes priority over the path before sudo, but the SETENV line next to the command lets you set it after sudo resets it
@agendaaaa
1 year ago
So the bracket solution was an intended one? - I mean, did the author of the box need the 'enable' command for anything else except making the bracket solution possible?
@omerfarukbilgiseven2787
1 year ago
SuperSec :))
@FMisi
1 year ago
Easy af
@AUBCodeII
1 year ago
PipSec
@LightAura
1 year ago
I didn't quite understand how "sudo PATH=/dev/shm:$PATH /opt/cleanup.sh" works or why it avoids the env_reset. How does that work with SETENV exactly?
@g0hm47
1 year ago
The wizard user is able to execute the /opt/cleanup.sh script, but with the SETENV privilege. That overrides the env_reset default. It's normally used so that you can set the environment variables for just a single command, but in this case we're able to get a path injection to exploit the lack of absolute pathing to the find binary, or as ippsec showed at the end, the cool exploit around the bash built-in being disabled in the .bashrc file that is called.
@g0hm47
1 year ago
There is also another box where ippsec exploits the same vulnerability - this one is possible for a similar reason, it doesn't have env_reset set at all so again path injection is possible against binaries not using absolute paths - kzitem.info/news/bejne/rX9v06tnq398iaw
@LightAura
1 year ago
@g0hm47 Thank you very much! I really appreciate the help
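A defensive check for the misconfiguration discussed in the thread above, as an added example that is not from the video or any commenter: it flags sudoers rules that carry the SETENV tag (or `!env_reset`) and lists commands a script invokes without an absolute path. The sudoers lines, the `backup` rule and the script body are constructed for illustration; the function names are hypothetical.

```python
import re

# Constructed sudoers content modelled on the thread (not copied from the box).
SUDOERS = """\
Defaults env_reset
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
wizard ALL=(root) SETENV: NOPASSWD: /opt/cleanup.sh
backup ALL=(root) NOPASSWD: /usr/local/bin/rotate.sh
"""

# Constructed script body: one bare command name, one absolute path.
SCRIPT = """\
#!/bin/bash
cd /var/log/app
find . -type f -name '*.log' -mtime +7 -delete
/usr/bin/truncate -s 0 current.log
"""

# Shell keywords and builtins that are not resolved through PATH.
NOT_LOOKED_UP = {"cd", "if", "then", "else", "fi", "for", "do", "done", "echo", "exit"}

def audit_sudoers(text):
    """Return (kind, who, detail) for rules that let the caller shape the environment."""
    findings = []
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith("Defaults"):
            if "!env_reset" in line:
                findings.append(("env_reset_disabled", "*", line))
            continue
        m = re.match(r"(\S+)\s+\S+?\s*=\s*(.*)", line)
        # \bSETENV: does not match NOSETENV:, which revokes the permission.
        if m and re.search(r"\bSETENV:", m.group(2)):
            for cmd in re.findall(r"(?<!\S)/[^\s,]+", m.group(2)):
                findings.append(("setenv", m.group(1), cmd))
    return findings

def bare_commands(script):
    """Heuristic: first word of each line that would be resolved through PATH."""
    hits = []
    for line in script.splitlines():
        words = line.split()
        if not words or words[0].startswith("#"):
            continue
        if not words[0].startswith(("/", "./")) and words[0] not in NOT_LOOKED_UP:
            hits.append(words[0])
    return hits

if __name__ == "__main__":
    print(audit_sudoers(SUDOERS), bare_commands(SCRIPT))
```

A rule reported as `setenv` whose script also appears in the `bare_commands` output is the combination the replies describe; removing the SETENV tag or using absolute paths in the script closes it.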
Comments: 37