Thanks for the help, the guide was confusing me too much and I didn't know if I'd ever be able to get to bed tonight, lol!
@_CryptoCat
Күн бұрын
No problem, glad you got it! 👊
@toonlagoon3127
Жыл бұрын
Just for clarity. The problem at 23:14 was that you didn't put the semicolon. You can notice that the 'secret=' changed to 'secret-' which means it did get the command but only waited for the code end(;). When you inputted 'select * from flag;' again it ran the line as following: 'select * from flag select * from flag;' which gave you the error. If you'd just put ; in the second line it would have finished the command. Great video and explanation!
@toonlagoon3127
Жыл бұрын
Great to comment and not watch the video fully just to see it in the video :)
@_CryptoCat
Жыл бұрын
Thanks! I was very confused when recording but realised the mistake during edit. Always something small 😅
@saswathvel
Ай бұрын
As Usual Great Man...Loved your Content
@_CryptoCat
29 күн бұрын
Thanks mate 💜💜
@JackOfAllThreatsMasterOfNone
Жыл бұрын
Thanks! Your explanation about the tunnel was clear! I look forward to the video on using Obsidian for ctf and pentesting... Can't find one!!!
@_CryptoCat
Жыл бұрын
Thanks mate! I had that episode all planned out in my head but it's been so long, that I'd need to re-prep for it 😆 Will get there.. eventually 😊
@TheBG077
Жыл бұрын
Thanks so much for this guide! It led me to using the dynamic forwarding (also from reading the comment from aliedora) because local didn't work correctly...I love how these machines are labeled "very easy". I just started my journey, but I feel like I'm never going to get the hang of this....I'm most of the way through Tier 1, and I have yet to finish a machine without having to look up a walkthrough Does everyone have this trouble/frustration when starting out, or am I just way below average at this? lol
@_CryptoCat
Жыл бұрын
Don't worry mate, everyone has the same struggles at some point. If you find everything easy, you probably aren't learning much!
@hackinginseconds
Жыл бұрын
hey just wanted some guidance on what to do after completing the starting point machines....? Should we start with retired machines, active machines CTF.......
@_CryptoCat
Жыл бұрын
Yes! All of these things 😉 If you have a VIP membership then retired boxes/challs are great for learning because you can spend as long as you feel is reasonable trying to solve and then refer to walkthroughs when stuck. That extra experience will help you when it comes to active machines/challs 😊 CTFs are always good fun and a great learning opportunity as well, NahamCon CTF is currently running!
@augustoalmeida2586
Жыл бұрын
you could run ss -tl and it will tell you the service running in that port
@aliedora
Жыл бұрын
Wow this challenge gave me a lot of grief. But after spending few hours on it I do understand the concept much better. Thanks for the videos, they never disappoint. I always watch them after I try the challenge myself and always learn something new. You have a nice voice too :) I always use my Kali linux, and there are differences from parrot. For example for me, local port forwarding did not work at all, when trying to connect to the db I was getting: "psql: error: connection to server at "localhost" (127.0.0.1), port 5432 failed: Connection refused Is the server running on that host and accepting TCP/IP connections?" Only with dynamic forwarding I was able to get into db. However in this case my scan was showing as PORT STATE SERVICE VERSION 5432/tcp closed postgresql Like.. what the heck. I feel like I am cursed with always having the weirdest things happening on my machine.
@_CryptoCat
Жыл бұрын
Awww thanks for lovely feedback 🥰 Port forwarding is definitely one of the more challenging topics and I often find one tool will work better than others in different scenarios (SSH, chisel, sshuttle, meterpreter, plink, netsh etc). Glad to hear you got it working one way or another and gained a better understanding of the concept 🙂
@alexkri9884
Жыл бұрын
you missing the -h flag when forwarding ports: psql -p [local port] -U [user] -h localhost for example exact to this video : psql -p 1234 -U christine -h localhost
@TheBG077
Жыл бұрын
I had the same issue! I too was able to get in using dynamic forwarding, and I also believe I'm cursed as well haha I can't seem to get through barely any of these "very easy" machines without looking at some form of a guide :( I feel like I'm never going to get the hang of this...
@chibiichen
Жыл бұрын
I love your content. Are you planning to do some retired machines for beginners? I sometimes find them very hard even if they are rated as "easy"
@_CryptoCat
Жыл бұрын
Thanks! I've always avoided making videos for retired machines as IppSec does a great job and I don't feel like I can add much value. I'm going to do one soon where I show how to take notes with Obsidian though so if it goes well, I might do more in future 😊
@primaspierre20
Жыл бұрын
i did everything up to the point where i have to connect to the ssh as christine than an nothing happens. can you help me?
@_CryptoCat
Жыл бұрын
When you say nothing happens.. It doesn't connect via SSH? Does it timeout or give you some error? Have you checked the official PDF walkthrough to confirm?
@reu3437
Жыл бұрын
Hi, thanks so much for your detailed walkthrough. I have an issue when trying to do port forwarding. When i nmap my own localhost, it shows that the port 1234 is closed, and the service version is hotline. Been googling and retracing my steps to see if i did anything wrong. Re-did the machine but the issue is still the same. Any idea if this is a common problem? Any help from you or members of the community is greatly appreciated! Thanks in advance 🙆♀
@_CryptoCat
Жыл бұрын
Hmmm you definitely setup the port forward first? Tried the local and dynamic forward?
@ppgdude
Жыл бұрын
Hey could you tell me why you use parrot os? and not kali or something
@_CryptoCat
Жыл бұрын
I swapped to Parrot a few years ago when Kali was having regular issues. Next time I create a new VM, I'll go back to Kali lol.
@ppgdude
Жыл бұрын
@@_CryptoCatThanks for answer!
@ovejanegra6351
9 ай бұрын
help [WARNING] Many SSH configurations limit the number of parallel tasks, it is recommended to reduce the tasks: use -t 4
@_CryptoCat
9 ай бұрын
Hmmm haven't seen that one before.. Did you try to add the "-t 4" flag?
@ovejanegra6351
9 ай бұрын
@@_CryptoCat yes
@_CryptoCat
9 ай бұрын
It's giving an error, but does it actually fail?
@丁泽楠
Жыл бұрын
Hello, I followed the same operation as you, but my dynamic proxy is still not working, I want to get some direction to solve the problem
@丁泽楠
Жыл бұрын
My proxychains does not output information about port 9050 being forwarded to port 5432. Does this mean that I am not proxying successfully? But my ssh command and configuration of proxy chains4.conf file are the same as yours
@丁泽楠
Жыл бұрын
I further narrowed down the problem and it only fails when proxychains proxy nmap. [proxychains] config file found: /etc/proxychains4.conf [proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4 [proxychains] DLL init: proxychains-ng 4.16 This is what was output.
@_CryptoCat
Жыл бұрын
@@丁泽楠 Hmmm a couple of things; I updated my proxychains.conf, rather than proxychains4.conf - sounds like this might not be the issue but worth trying. NMap can also have some issues when used via proxychains, did you try to connect to the port 5432 any other way? e.g. using psql or netcat?
@丁泽楠
Жыл бұрын
@@_CryptoCat I tried again during the review process, I took a lot of measures but nothing worked, I can only ignore it for the time being and move on, maybe I will meet the answer in the future.
@angelonunziolombardi
Жыл бұрын
Can Hackthebox Challenges be done without VIP?
@_CryptoCat
Жыл бұрын
Only the active ones (same as machines)
@discordmsimna
Жыл бұрын
I have a stupid problem at 21:18 I tried using psql and install it but it doesn't work it says Please ask your administrator. what should I do ?
@_CryptoCat
Жыл бұрын
Can you run "sudo apt-get install psql"? Or maybe you need "sudo apt-get install postgresql-client-common"
@discordmsimna
Жыл бұрын
@@_CryptoCat Idk whether I install it while I'm in Christine or to open another tab and install it in my Kali (sorry for my bad English)
@_CryptoCat
Жыл бұрын
@@discordmsimna np, you should install it through your kali terminal 🙂
@shreyastambe4897
Жыл бұрын
what am i doing wrong i am getting this error : christine is not in the sudoers file. This incident will be reported.
@_CryptoCat
Жыл бұрын
Don't use "sudo" before the command. Christine doesn't have permission and you don't sudo for this box 🙂
@shreyastambe4897
Жыл бұрын
@@_CryptoCat thanks for the reply i understood now 👍
@angelonunziolombardi
Жыл бұрын
where is pathfinder? when I look for it I am redirected to the tier 2 starting point but it is not there
@_CryptoCat
Жыл бұрын
pathfinder??
@angelonunziolombardi
Жыл бұрын
@@_CryptoCat ye
@_CryptoCat
Жыл бұрын
@@angelonunziolombardi What is it? Where do you see?
@angelonunziolombardi
Жыл бұрын
@@_CryptoCat I find this online h4rithd.com/blog/starting-point-htb-pathfinder-walkthrough/index.html But on Hackthebox this machine there is not
@_CryptoCat
Жыл бұрын
@@angelonunziolombardi Oh yeh, WTF! 😅 Maybe they renamed that machine or removed it, I can't see it either 🤔
@AbbaG-tp9ze
Жыл бұрын
provided right password but still gives me this error: Password for user christine: psql: error: connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "christine" connection to server at "localhost" (::1), port 5432 failed: FATAL: password authentication failed for user "christine"
@_CryptoCat
Жыл бұрын
Hmmm check this, see if it helps: dev.to/atosh502/postgresql-password-authentication-failed-for-user-387b
@pavi013
3 ай бұрын
Its gonna be very easy they said 😅
@_CryptoCat
3 ай бұрын
😆
@xantlcn3226
Жыл бұрын
tldr?
@_CryptoCat
Жыл бұрын
Not sure if you're asking for a TLDR of the video or what the "tldr" tool is 😅 Assuming it's the second, "tldr" will just give you some examples of common commands from man pages: github.com/tldr-pages/tldr. I use it a lot!
@shba9300
Жыл бұрын
@@_CryptoCat thanks for letting us know about tldr tool very helpful.
Пікірлер: 58