Last week, I was in a meeting trying to explain the Ivanti vulnerability to other teams. At one point, I found myself was saying 'With that being said, let's just jump in.'
Ippy, you're back!!! Happy New Year!!! In 2025 we'll have: * More Ipp memes * More pop culture references * More "Hey Ipp" questions/riddles/challenges * More "Let's see" and more "There we go" * Comments that are actually related to the videos (P(A) < 1 x 10⁻⁶)
Hey ipp, was wondering about the process at 14:50 to get a proper tty shell. I didn't know the script -q trick, is there a place where we can learn more about these? I also don't fully understand how/why it works, but I guess that's more to do with the Linux terminal than security
Hey, easy boxes are obviously the easiest of the bunch - usually point and click exploits in obviously vulnerable versions and that sort of thing. That said, they're not actually "easy" in terms of difficulty for the average person. If you don't have experience, you're not going to find them "easy", not even close. It will definitely take a while; depending on your experience, it may be well over a year before you can actually do easy boxes on your own. Best advice I can give is learn what you're actually doing: instead of "learning nmap" or "learning metasploit" or whatever tool is cool, learn the process behind it, don't just blindly run tools and see what sticks.
@@lespetitjoueurs you have to enter a ssh session first, then input ~ to perform ssh escape sequence, you can combine with ? to validate and also check the commands
ctrl+shift+t reopen closed tab ;-) btw this box can't be easy. the first attempt to get the user flag was easy but to get the root flag is quite more than 1-3 steps like an easy box should have.
Last week, I was in a meeting trying to explain the Ivanti vulnerability to other teams. At one point, I found myself was saying 'With that being said, let's just jump in.'
Missed your videos sir happy new year and welcome back 🎉🎉🎉
Senin sayende ilerliyorum çok teşekkür ederim .. king of kings 😂🎉❤
You're back 🙌🏽🎉
Yeah! Miss your videos
Ippy, you're back!!! Happy New Year!!! In 2025 we'll have:
* More Ipp memes
* More pop culture references
* More "Hey Ipp" questions/riddles/challenges
* More "Let's see" and more "There we go"
* Comments that are actually related to the videos (P(A) < 1 x 10⁻⁶)
Great work man! I DREAM OF BEING A PENTESTER, but holly crap there's a lot to learn makes me scared sometimes.
Nicely done, thank you
3 Week Gone 😅
Been Waiting For New Ipp Vid 😊🎉
Hey ipp, was wondering about the process at 14:50 to get a proper tty shell. I didn't know the script -q trick, is there a place where we can learn more about these? I also don't fully understand how/why it works, but I guess that's more to do with the Linux terminal than security
Thank you for posting
Thanks, Ipp
welcome back ippsec!!!!!!! ty
Amazing as usual, i've got a question, how much time it takes for a newbie, to solve a box like this ? and is this suppose to be easy ? ^^
Hey, easy boxes are obviously the easiest of the bunch - usually point and click exploits in obviously vulnerable versions and that sort of thing. That said, they're not actually "easy" in terms of difficulty for the average person. If you don't have experience, you're not going to find them "easy", not even close. It will definitely take a while; depending on your experience, it may be well over a year before you can actually do easy boxes on your own. Best advice I can give is learn what you're actually doing: instead of "learning nmap" or "learning metasploit" or whatever tool is cool, learn the process behind it, don't just blindly run tools and see what sticks.
@ hello, thank you for ut advice
I’m actually doing the academy, last two modules
Can i add you on discord ?
Are you gonna be covering alert?
how to get root on alert any idea..?
@@jewell1276 its quite easy dont overcomplicate it and look for low hanging fruits
23:07 I can't open the ssh>
When I do ~C + enter nothing happens, would anyone help me?
miss your videos
How to do that ~C then send into ssh in background?
I have the same problem, have you found a solution?
@@lespetitjoueurs you have to enter a ssh session first, then input ~ to perform ssh escape sequence, you can combine with ? to validate and also check the commands
@@kaixianwongful combine what ?
Does it work for you?
@ when you hold Shift and press ~, there will be no output (indicating that you have entered escape sequence mode). After that, you can input 'C'.
❤
ctrl+shift+t reopen closed tab ;-)
btw this box can't be easy. the first attempt to get the user flag was easy but to get the root flag is quite more than 1-3 steps like an easy box should have.
Push!
Are you sure this is an easy level?
Please make Unrested, my teacher.
Thank IppSec
I dont like this machine at all. But I discovered for myself that I can pwn AD easily. It was strange)
For the froxlor part, you can use the install command to copy a file and set permissions in one go
install -o root -g root -m 4755 /bin/bash /tmp/bash
Lol, when I was in the box, I sawed other peoples work kinda gave up the root.txt.
I think that was me lol i have exams bud 😂😂😂