Great work done by ippsec like always Priv esc on this box was a nightmare... learned alot while trying to get user shell but was pissed off in priv esc part and in the end didn't get root and moved on.. 😑
I am having a really hard time with the curling of the shell. I have exactly what you have in your header and I have the python server set like your and a listener set and the shell file the same and I cant get it to curl but I can for sure do all of the other commands. I am so frustrated. I am using kali from a physical install on a laptop. I have tried encoding all of the characters to make sure there are no bad chars and tried with sudo permissions when running the terminals but it simply wont work. Any ideas?
I got to know of ssti from forums but executed everything else to get user.txt Didn't get root but looking forward to a time when i can identify exploits on my own
Have done this on htb when it is active , but watching IPsec talk about how to did it in his way, it is marvellous.
Man, thank you for showcasing the fuzzing for special chars errors. This helped me find an RFI on an OSCP practice lab :)
Setting group via sudo was very interesting, thanks for sharing that at the end
Good that you explained what's going on with these groups because since halfway through the video it hasn't given me peace.
Great work done by ippsec like always
Priv esc on this box was a nightmare...
learned alot while trying to get user shell but was pissed off in priv esc part and in the end didn't get root and moved on.. 😑
This priv esc is something else, absolutely bonkers
Always get the best part at the end! Thanks
I have improved ssti and xml tq once again sir... we will brush up...
I am big fan
Thank you very much, I learned many things from you, you are the best
2:35 it literally said it's made with spring boot in response beforehand
In one Respone it said "Made with Spring Boot" in the header of the HTML
Finally 😅 i was waiting for this box lol
Thanks Ipp 🙏
IppSec, you are the father of all junior hackers.
thank you a lot for this kind of content
I am having a really hard time with the curling of the shell. I have exactly what you have in your header and I have the python server set like your and a listener set and the shell file the same and I cant get it to curl but I can for sure do all of the other commands. I am so frustrated.
I am using kali from a physical install on a laptop. I have tried encoding all of the characters to make sure there are no bad chars and tried with sudo permissions when running the terminals but it simply wont work.
Any ideas?
this box got updated somehow? I couldn't get a reverse shell
I got to know of ssti from forums but executed everything else to get user.txt
Didn't get root but looking forward to a time when i can identify exploits on my own
priv esc on hackthebox is a moving target. come to tryhackme.
Learnt something new thanks Ippsec
is Ben Hur channel is also you??? bcz the vioce is 1000% same
6:00 'squigly bracket 😭😭😭😭'
❤❤nice
I couldn't get a reverse shell going on this so I ended up doing a lot of it the hard way, dodging banned characters in the search box 😅
Good Work!
hey ippsec how to enable terminal regex search function on..
How do you request a GET response in the url?
Nevermind. Burp assisted in that. Also "*{7*'7'}" got to the Whitelabel Error Page
IppSec ❤❤❤❤❤❤❤❤❤❤❤❤