I think the reason you're getting the file content when you do 'ls' @1:34:00 is because of missing break statements for each 'case' condition. In Java, it's required to add the break statement after each 'case' condition ends, otherwise, it'll continue until it finds a break or until the default case.
@ippsec
7 ай бұрын
Ah. Thanks! Yup that would explain it.
@dadamnmayne
7 ай бұрын
The benefit of this format is not only do you get a walkthrough but you might get a vim tip or a tip to convert your burp suite repeater data to a curl command.
@dadamnmayne
7 ай бұрын
i like when machine creators lead you to either a id_rsa or a password. that way, in practice, you can jump straight to lateral movement or priv esc if desired, especially on insane machine. its like a checkpoint.
@apkanalyze3623
7 ай бұрын
That sneaky video was the good one :) I'm still smiling when I recall you reading the entire 'Total number of IPv6.' aaah good old days.
@ihavelowiq2723
7 ай бұрын
this is a simple request from a beginner. can u add beyond root part to every video. even thought they are easy box nothing crazy to show, can u route us through the box, showing how the site is hosted, how the inside is working, what are the main points we need to check, how the box creator has done things using crons like that. thank you. i always amazed by ur knowledge
@miroslavmetodiev8915
7 ай бұрын
23:41 You can undo an accidental tab close with ctrl+shift+T Thanks for being awesome! ❤
@eyezikandexploits
7 ай бұрын
This box was a struggle for me
@tg7943
7 ай бұрын
Push!
@BenasserAitLhajLahcen
8 ай бұрын
Greeting From Morocco
@abdelhay.
8 ай бұрын
Mgharba everywhere
@abdelhay.
8 ай бұрын
Mgharba everywhere
@BenasserAitLhajLahcen
8 ай бұрын
@@abdelhay.Wayih
@Y4riss
7 ай бұрын
hhhhh
@noctavel
7 ай бұрын
Question: Why did you use http to transfer files from your host to victim but used nc the other way around (twice)? any specific reason or just your standard flow?
@ippsec
7 ай бұрын
Habit - Generally speaking when doing offensive work, your target will be behind a NAT. So standing up a listener won't help much as there isn't the port forward (PAT) setup to access the webserver from the outside. On the attacking side, you have control of the router, or are you just are on a routable IP Address, so you can stand up a webserver.
@notTh3Mag1c1an
7 ай бұрын
is the volume a little lower or is it just to me?
@ippsec
7 ай бұрын
Very well could be -- Something changed my volume settings before recording this video. Think Zoom maxed out my microphone and I had to find out the right settings.
@notTh3Mag1c1an
7 ай бұрын
@@ippsec No worries Man, I increased the volume. We all good, it wasnt that low.
@vijayvj3976
8 ай бұрын
Out of the box thinking 💯
@b14cky30
8 ай бұрын
I have one simple question: which technique should we apply for exploiting the machine after lots of enumeration? 1. Breadth First Search (Horizontally Proceed) - Means First of try all thing as surface level for initial foothold 2. Depth First Search (Vertically Proceed) - Means First Take one thing and deep dive into it and then another one.
@moretto8589
8 ай бұрын
I think it depends on the situation I personally do breadth first if i see a lot of ports and if i see only 2 or 3 ports then depth first.
@ippsec
7 ай бұрын
I go Horizontal, then exploit what I think will be the quickest first.
@NicolastheThird-h6m
7 ай бұрын
wait when did we start having Algorithms for hacking. Cool. The best way is the ippsec way.
@NicolastheThird-h6m
7 ай бұрын
@@moretto8589 I like this. This is what I do too. Probably why I get overwhelmed when there's a lot of ports to check.
@gespoL-
8 ай бұрын
Se garantiu
@AAA-AAA158
8 ай бұрын
first
@AUBCodeII
8 ай бұрын
Ipp, you have a smooth brain. No ridges or lumps, or valleys or bumps; all ideas slide right off, like a waterslide!
@NicolastheThird-h6m
7 ай бұрын
Practice over years makes us think like a robot.
@AUBCodeII
7 ай бұрын
@@NicolastheThird-h6m Smooth brain is actually good, because: * Smooth * No wrinkles * Cute * Can't think = no sad
Пікірлер: 34