SQLi, SSTI & Docker Escapes / Mounted Folders - HackTheBox University CTF "GoodGame"

John: *Literally shows the first docker escape I've ever seen*
Also John: "Wow I'm a dumbo"

Even though I can understand each step taken individually I wouldn't be able to string them together with my current skillset, but I did find solace in the fact that I had previously ran into and solved the bash -p hick-up. (*Insert Leonardo pointing meme here* The bash -p issue I ran across previously!)

I can’t believe how it only has one star of difficulty. I could never get that far

4:30 "People are all excited about Battlefield"
That didn't age well...

And this is supposed to be easy? My head just blew up.

"We're root supposedly....but we're supposed to be user. Did we skip that?!" John out here too good for these level 1 boxes haha

Easy? How on earth .... I'd never get this as a noob. So much to learn ...

Did you remove the ransomware stream? I was hoping to go finish it later. 😢

32:43 You can use SH instead. It won't require any other libraries and would work with SUID!

You are a master at your craft. Awesome video.

Amazing video once again, but It’s quiet a mix up in my head when I Read about people grabbing multi-figures monthly as income in investments even in this crazy days in the market,any pointers on how to make substantial progress’s? Will be welcomed

Great video. I understood everything except some of the subprocess ssti. What does setting stdout to -1 do? Cant seem to find documentation on that

Wish HTB had more free content for those of us looking for a job 😞

mounted file systems are dangerous, that was fun to watch!

just wow man.. watching you do this is so satisfying. So inspiring. WE. WANT. MORE!!!!!!!!

yo btw Thought I would just say, I recently found your channel and with every video I watch I learn something new, interesting, or another way of doing something I never even thought of! I love your content and I am pretty sure I will be a consistent viewer from now on. Keep up the great work John! :D

It’s definetely not easy.

Did I miss something? How'd he know the password was 'superadministrator'? Surely not just a lucky first guess?

You could have used "enumerate" to quickly identify the index of Popen

man the privesc was insane!! I didn't know that technique.
Thanks John,

I've been watching all your recent content and it's great as well, but I must say, after watching this video, that I really miss these CTF box videos 😊 Just my personal opinion though, make the content you feel like making at all times, it makes it better that way.

[Question] Hi I have a question : at 13', once you've modified the "/etc/hosts" file to add a match between the local machine address & internal-administration.goodgames.htb, why is there a different webpage that renders once you type internal-administration.goodgames.htb ? Since it resolves to the local machine address, I don't understand why we shouldn't see the goodgames home page from the beginning. I'm missing something.

In case anyone is interested if you want to a fast check, beside a script in python to test a post with different values after js, if you are using Firefox, you right click on the post request, in the context menu there is an edit and resend command.

Python2 forever!!!

Hammond why is your WiFi on my internet connections it keeps “connecting automatically”! Bro what you want from me??

Where is golang video?

Dude this is insane man, never though it would be this easy.......

Awesome video. Love your energy, your passion comes through and it’s contagious.

This might be a naive question but I do not understand upon looking at an input which kind of injection to use, for example upon looking at the name feild how john went for template injection and not some other sql one?

"really easy"...... uhuh... go back to the username field and explain that ALLLLL again, and slow.

Lol you just broke the VM and hacked in a different way... you have power

I wish I had so mush fun do it. I think I understand mostly what were you doing, but I never be able to do it by myself and come up with all that stuff. =)

Nothing sold NordVPN to me like accidentally realizing that John uses it. I hope they pay you for unofficially sponsoring them.

John : Uploads a 30 mins video
Me : "where tf are my snacks !?"

It has one star difficulty, becauset he password is only md5

that was fast..."Welcome Admin" ..inside 10min.

Would love a video of you setting up Ubuntu from scratch with how you install and what tools you install at the start

Brilliant video, thanks

that was a cool privesc. learn't alot from this video. thanks!

that was awsome video cool man i learn alot i didnt now before awsome man

alguien me puede ayudar cuando gano acceso al contenedor docker a los segundos se me cierra la conexion ? a alguien le paso ?

Just started CTF and i love the challenges, my work is mind numbing, so these challenges are a great way to spend the remained of my work day.

I legitemately understood everything in the video, however why tf can't i do it like him

I would like to have the configuration of your terminal at this time.

im on a rpi 5 not even kali im on raspian and sqlmap is installed with sudo apt install -y sqlmap

the outro is naiz

New john is rather Blonde while Old one is Pale 😅

Тут есть русскоговорящие люди?

Just a big thanks, u r the MAN✊🏻

T-shirts you wear are
so cool😎 to see!

We need the 2 min of troubleshooting 😅

Love watching you work John! Thank you.

My CRAZY mentor 🤣🤣😸😸

Im to htb, but that was cool to go through that.

John please please please do some more King Of The Hill video’s!!!!
There’s not enough KOTH content on youtube and after all….. you are the KING

Thanks John this machine is great

Super interesting way to get to root

How to trying (y/ n) testing .

Hey John, first of all great channel, love the content. Currently starting to learn about programming and am interested in white hat hacking side of things as well, thanks to you 👊 any resources you'd reccomend to get into the subject beyond hackthebox? Good luck with the channel anyway, cheers!

Love the video but keep in the troubleshooting parts. Provides insights into your train of thought for us pleebs

john would you please , give us a road map to what you became at the moment , so i can add what is missing : and catch up

Love you, "sudo john"..

Amazing video. Please make videos like this one, it is so much entertainment

That was awesome to watch

Yayyyyy back to CTF

that privilege escalation was super cool!

nice work

ok n00b question. around @6:49 are you executing that python script from sublime text and then viewing the results in another tab?? if so, how so?
thanks for this vid and you have a new subscriber....this makes me realize that I still have A LOT to learn.🙏🏼

probably the coolest guy in cyber security

Fantastic

Wow I loved the video. Thanks

instwead of netcat (outdated on raspian os) use socat its built in raspian! everyone on kali should use socat aswell! so much better!

John is Amazing... Outstanding

👍!

this is gold, thanks a lot John!

GOD

For starters in college to be a cybersecurity ethical hacker what laptop or computer is best that I should buy long term ?