I know your a busy guy but are you planning on doing any more live stream videos sometime soon, aimed primarily at beginners. The whole interaction with you would be very educational and informative. You have a great way of explaining things, and for us noobs would be a fantastic opportunity to learn and build on our skills. Your a Guru 👌
@@sousavann You really have to love learning to get into hacking. Don't fear it. Let it motivate you to want to read and learn everything. Watch everything you can to add to the arsenal of knowledge you will have in the future to be able to apply that into helping others.
I love your videos! Thank you so much. I have 0 experience in doing these things but I find this oddly satisfactory to watch 😂 Could you include Box difficulty in the description or the preview picture and include a link to the box on HTB? Would love to take a look and maybe you can get some referrals
Hi Ippsec, why must escape characters be removed in order for the command to work? I spent 30 mins sending the command in the parser only to realise the backslashes have to be removed in order for it to work😅
Short answer, because escapes make it not valid JSON. Long answer -- The quote is a special character and has multiple meanings, it can either be a visual thing (text) or it can be used to enclose strings. When you put the backslash before it, you saying this is only visual. So when the json see's { \"key\":\"value\"} -- It errors because there is no key or value, as the backslash said the quote was not enclosing a string. Quotes can do more than close strings, so the above may be technically wrong however I think its the best way to get a basic understanding without programming knowledge.
I remember that one: My exploit just did not work w/ my kali VM. Next day I used a standard Ubuntu box w/ the same exploit and it worked. Weirdest thing ever. Oh and its definitly easier than Luanne, despite being a "medium" box.
reminds me of someone. nano ps, lsof or netstat or any monitor program then put in $1 or "$1" cant remember either how to pass all args, but add at the end |grep -v ip, or proc name, or anything. dirty but live of the land
@@ippsec Probably, but I haven't touched these binaries (x-session-manager, ypdomainname, w, xzgrep, mintsources, etc). Oh well, One last question sir; Is the /usr/libexec folder common? I ask because there are many binaries living there and I can't really find much docs on this directory. It seems kinda suspect. I've ran a clamscan but it reports nothing out of the ordinary.
Seriously i really hate that vi editor !!! Working good in parrot but when exploiting target we cant use nano there if i press arrow its typing something like this [~. I really hate that vi editor I can't edit that timer_backup.sh ;/
I dunno how much you pay youtube to promote your stuff, but everytime I watch one of your videos my frontpage gets filled with your videos and its fkin anoying. Great content tho, ty.
Hy... How did he split the terminal horizontally... I am using ctrl+A then other commands to split.... But looks like he does it in one button.... If anyone know something, it will be great help.
I think it’s under 2 minutes in obsidian during the box... then there’s time on the end for those that want to see it. I try to put most of the note process at the end of the video so you can skip it
The timestamp tip to identify binaries not installed by the package manager is a good one. But in this case, having a .sh file not owned by root in the /usr/bin directory should have screamed for attention.
He’s in fact using a parrot instance via a web browser, also he’s tunnelling via a mod vpn, which will have virtually no traffic, back into HTB network.
Did you delete notes regarding previous boxes(Luanne, Crossfit)? I mean in obsidian, because they are not shown in a folder menu on left side, but same vault.
I know your a busy guy but are you planning on doing any more live stream videos sometime soon, aimed primarily at beginners. The whole interaction with you would be very educational and informative. You have a great way of explaining things, and for us noobs would be a fantastic opportunity to learn and build on our skills. Your a Guru 👌
He is omnisient🤤
Awesome, absolutely MIND BLOWING the forensic bit with time stamps, that's amazing!just WOW
Thanks ippsec for not forgetting the notes. 😆
Notes are the best practice to do the job
When I watch this I am both discouraged, and inspired at the same time.
Lol I know the feeling
Too many things to learn for hacking
@@sousavann You really have to love learning to get into hacking. Don't fear it. Let it motivate you to want to read and learn everything. Watch everything you can to add to the arsenal of knowledge you will have in the future to be able to apply that into helping others.
It is not less than a perfect. I am so enjoying you contents!
Hahah see you all on next... Oh no... That was quite funny :p
Something was already awaited in the last in my mind :D
I love your videos! Thank you so much. I have 0 experience in doing these things but I find this oddly satisfactory to watch 😂 Could you include Box difficulty in the description or the preview picture and include a link to the box on HTB? Would love to take a look and maybe you can get some referrals
You are amazing dude! ❤️
Hi Ippsec, why must escape characters be removed in order for the command to work? I spent 30 mins sending the command in the parser only to realise the backslashes have to be removed in order for it to work😅
Short answer, because escapes make it not valid JSON. Long answer -- The quote is a special character and has multiple meanings, it can either be a visual thing (text) or it can be used to enclose strings. When you put the backslash before it, you saying this is only visual. So when the json see's { \"key\":\"value\"} -- It errors because there is no key or value, as the backslash said the quote was not enclosing a string.
Quotes can do more than close strings, so the above may be technically wrong however I think its the best way to get a basic understanding without programming knowledge.
I remember that one: My exploit just did not work w/ my kali VM. Next day I used a standard Ubuntu box w/ the same exploit and it worked. Weirdest thing ever.
Oh and its definitly easier than Luanne, despite being a "medium" box.
Do you solve these boxes before you make the video? You're so fast!
reminds me of someone.
nano ps, lsof or netstat or any monitor program
then put in $1 or "$1" cant remember either how to pass all args, but add at the end |grep -v ip, or proc name, or anything. dirty but live of the land
How did you install Obsidian? =D Any useful source for that?
I'd suggest you download the AppImage from obsidian.md/download. That's the easiest
After you download the app image, place it in your local bin within your path.
One of the locations is ~/.local/bin if memory serves me right.
I have quite a few files in /usr/bin that have timestamps != 00000000000. Does that mean I'm backdoored?
Most likely means you placed files there for convenience and didn't use the correct path (one with local)
@@ippsec Probably, but I haven't touched these binaries (x-session-manager, ypdomainname, w, xzgrep, mintsources, etc). Oh well, One last question sir; Is the /usr/libexec folder common? I ask because there are many binaries living there and I can't really find much docs on this directory. It seems kinda suspect. I've ran a clamscan but it reports nothing out of the ordinary.
Seriously i really hate that vi editor !!! Working good in parrot but when exploiting target we cant use nano there if i press arrow its typing something like this [~. I really hate that vi editor
I can't edit that timer_backup.sh ;/
I dunno how much you pay youtube to promote your stuff, but everytime I watch one of your videos my frontpage gets filled with your videos and its fkin anoying. Great content tho, ty.
I don't pay anything.
Just a tip you can pipe output into xclip -sel clip to get it into clipboard
You can even shrink that down to xclip -se c
alias it to cb, even shorter..
Hy...
How did he split the terminal horizontally...
I am using ctrl+A then other commands to split....
But looks like he does it in one button....
If anyone know something, it will be great help.
port #9001 because it's over nine thousand... and it has no invisible line-breaks...
Ohh my god, not 7.6p2 bionic. Missing type 8.2p2 ....
The timestamp bit actually seems like a very underrated tip, I wonder what other handy use cases it might have
Great video as always!!!
And happy 4 years for HTB!
Thnx ippsec !!!! -*-
everything is awesome,but this note taking kills necessary time
I think it’s under 2 minutes in obsidian during the box... then there’s time on the end for those that want to see it. I try to put most of the note process at the end of the video so you can skip it
@@ippsec Thanks , i respect you a lot ❤️
@@ippsec thanks for including notes at the end
It’s Tiiiiimmmmmeeee!!! For ippsec!!
Couldn’t you use Wappalyzer to find out what version of Jackson the web servers running ?
The timestamp tip to identify binaries not installed by the package manager is a good one. But in this case, having a .sh file not owned by root in the /usr/bin directory should have screamed for attention.
This was the first box I ever attempted. I didn't make it very far but I did identify the vulnerability. I never was able to successfully exploit it.
Awesome, any chance you can create a tutorial for HackTheBox VM ?
ippsec please plan any live stream that will helpful for us
from where I can learn this stuff?
You are amazing dude! ❤️
How your Parrot is so smooth in VMWare?
Mine kali is really trash in vmware, hangs a bit. Though, I have associated 7GB RAM and 3 processors to the VM
He’s in fact using a parrot instance via a web browser, also he’s tunnelling via a mod vpn, which will have virtually no traffic, back into HTB network.
Awesome ippsec!!!
You r my fav sr
👍🏻
❤️
Did you delete notes regarding previous boxes(Luanne, Crossfit)? I mean in obsidian, because they are not shown in a folder menu on left side, but same vault.
Yes I clear out the notes after the video is done
@@ippsec Do your notes have no value for you?)))