No idea honestly. I started it Monday and finished it and the video Thursday. Probably 20-30 hours.
@majiri98
2 жыл бұрын
this is the video i've been waiting for. thank you IppSec
@securiosityy
2 жыл бұрын
I can't believe KZitem waited until 2022 to show me this channel. Your content is amazing! Hands-down the best security channel I've seen. Thank you so much.
@ippsec
2 жыл бұрын
Thanks! Glad to have you here.
@null_1065
2 жыл бұрын
Excited for this one
@flrn84791
4 ай бұрын
Why put things in the log file when you can just leak things through actual syscalls? :D
@techworld323
2 жыл бұрын
24:55 is 😂
@vikasgowxda
2 жыл бұрын
Fantastic video bro, legend.
@Ms.Robot.
2 жыл бұрын
Thanks. This was very educational.
@jaisurya9739
2 жыл бұрын
Thank you! That was a great tutorial!
@SUTPlay
2 жыл бұрын
had 1k likes.
@kalidsherefuddin
2 жыл бұрын
Thanks
@fer.barrios
2 жыл бұрын
Amazing vid.
@kiwiwelch3620
2 жыл бұрын
Love the video and every bit of instruction and break down. You make it streamlined for devs like me. Security is my second trade or entertainment lol how I look at it.
@viniciusborges7349
2 жыл бұрын
Super great video makes excited to learn more and get started! Love the "stay organized" motto !!
@juhofinnish420
2 жыл бұрын
please use c/cpp in your videos as you can.thanks
@jafarpathan2562
2 жыл бұрын
please help, no matter what the code is, how short the code is, even simple hello world program written in C return same result. 35 ingnored syscallls. everytime same hex values. :( Please help... Even tried different compilers. Really feeling frustrated please help. :(
@ippsec
2 жыл бұрын
You probably are failing to overwrite the /log file with your tainted calls. If you are just trying a program writing to stdout, you won’t be able to see the output in the web app.
@jafarpathan2562
2 жыл бұрын
@@ippsec Thank you, sir, one last question, the code you have used is note working with on my side. Now I know I have to go back and do the maths, just any tip or any blogpost you wanna suggest for beginners level
@ippsec
2 жыл бұрын
idk the code in the video should work for you. Maybe you are compiling from a non-debian based system and the libc or something is mismatched and not executing on the target. Or you made a typo.
@jafarpathan2562
2 жыл бұрын
@@ippsec Sir i am using kali linux - 5.18.0-kali5-amd64. CPU is Intel i5-8250U. GCC version 12.2.0 (Debian 12.2.0-1). May you provide me with your email, i will send you screen shots of whole conflict, as this is uncommom problem i think.
@user-jr1xw7eo8m
2 жыл бұрын
@@jafarpathan2562 It was the same for me, just like he said it is probably due to libc being mismatched and thus your program not executing. Just compile your binary with "-static". That works.
@alsose5453
2 жыл бұрын
it's like photo shop but on soft
@roldiniamadeo7163
2 жыл бұрын
you saved my money and time
@mncreations2857
2 жыл бұрын
Adderall
@T1081198
2 жыл бұрын
@ippsec something tells me you are an ex web app pentester -> network pentest SME -> RT -> Consulting in DevOps == SecDevOps of which you became director. That being said… how do you have time to learn the new stuff that you used to do? Legit question from long time fan who owes you money from your methods literally helping me with clients who are over a lot more than is expected (as you know I’m sure)
@padaloni
2 жыл бұрын
i could be wrong, but i thought he works for HTB now. so this might be part of his job now. i also get the the feeling he has the answers as a htb employee for at least some of these boxes. not to take anything from the legend that is ippsec, ive learned so much from this vids.
@ippsec
2 жыл бұрын
I’ve never really been a traditional pentester/RT full time. Most of my knowledge comes from just being a developer and sysadmin. I do work at HTB now but do the videos on my own time, before HTB I was more of a purple team sysadmin building out detections. This stuff was more of a hobby that I spent countless hours on
@AUBCodeII
2 жыл бұрын
Hello again ipp. Do you have any cybersecurity certifications?
@ippsec
2 жыл бұрын
Honestly don't know what certifications I have anymore. Probably all expired, i never been a big fan of certs and just got ones that were a requirement for some jobs, primarily when i was a Sysadmin. I haven't gotten a certification in probably 7 years which was an offsec one.
@AUBCodeII
2 жыл бұрын
@@ippsec cool man, thanks for the response
@dakshdubey4994
2 жыл бұрын
@ippSec at @12:50 when you run getsize, why is it outputting 8 bytes whereas as per Google it should be 4 bytes? It's a custom program that you created and compiled on your local system, shouldn't it say 8 bytes?
@benhays6488
2 жыл бұрын
It could be difference of 32bit and 64bit systems. Also, different C compilers might interpret the size of variables differently.
@ippsec
2 жыл бұрын
32 bit it is 4 bytes. In 64 bit linux/Mac OS it upgraded to 64 bytes. However I don’t believe windows changed it for backwards compatibility reasons. Just an annoying thing you remember after running into issues enough times
@cy_wareye7395
2 жыл бұрын
Scanned was rly hard for me
@artboard8116
2 жыл бұрын
Great
@animeshmaji6226
2 жыл бұрын
what linux favour is this, you are using ?
@ippsec
2 жыл бұрын
Parrot
@animeshmaji6226
2 жыл бұрын
@@ippsec I mean is it customized because I cant find this version of parrot you are using and I really like it and want it as my attack box
@wither3577
Жыл бұрын
@@animeshmaji6226 It's the parrot hackthebox edition
@xslow2586
2 жыл бұрын
Good
@y.vinitsky6452
2 жыл бұрын
Hmm I didn't know you could implicitly include libraries. Is that a feature of gcc?
@ippsec
2 жыл бұрын
What do you mean? I just made my own library. Normal users normally can’t write to /lib, but since I was in a chroot() /lib was at a different location that I could write to. So when su was ran it pulled from /lib, which was at the unprotected location because of chroot()
@y.vinitsky6452
2 жыл бұрын
I meant your first program that prints the size 12:27
@tusharharsora7901
2 жыл бұрын
@@y.vinitsky6452 The program is dynamically linked to libc.so so it will find printf function at runtime. as for compile time, compiler will take whatever you give and assume number of arguments you provied are correct. and compile your program. Hope i answered what you were asking
@tusharharsora7901
2 жыл бұрын
@@y.vinitsky6452 The program is dynamically linked to libc.so so it will find printf function at runtime. as for compile time, compiler will take whatever you give and assume number of arguments you provied are correct. and compile your program. Hope i answered what you were asking
Пікірлер: 52