HackTheBox - Lame - Walkthrough

แชร์
ฝัง
  • เผยแพร่เมื่อ 4 พ.ย. 2024

ความคิดเห็น • 210

  • @davidbeiler6364
    @davidbeiler6364 5 ปีที่แล้ว +182

    starts actual video at 2:35

  • @aravindaddula8137
    @aravindaddula8137 4 ปีที่แล้ว +31

    You have made a difficult one into simplest one bro, you are fantastic

  • @hectorgarc3963
    @hectorgarc3963 6 ปีที่แล้ว +20

    That was excellent. Clear, methodical, and logical. Great job!

  • @ITSecurityLabs
    @ITSecurityLabs 5 ปีที่แล้ว +8

    This is awesome. Thanks . I started studying for the OSCP and I am doing all HTB challenges

    • @ninehichem5037
      @ninehichem5037 5 ปีที่แล้ว

      iam learning security+ and i wanna start doing htb , do i follow guys on yt or i just download machine and start doing writing anything by myself?

    • @n0nuser
      @n0nuser 5 ปีที่แล้ว +1

      @@ninehichem5037 You should do both at the same time, try yourself if gets stuck then looked at the video just where you got stuck and continue by yourself again. That's the best way to learn I think.

    • @munyaradzimunoz9536
      @munyaradzimunoz9536 3 ปีที่แล้ว +1

      Great to see IT Security Labs following other fountains of Wisdom

  • @tbogun72
    @tbogun72 6 ปีที่แล้ว +59

    you should do more hackthebox videos, very useful keeup it up

  • @ejrz6553
    @ejrz6553 5 ปีที่แล้ว +5

    As someone who worked in a SOC for 2 years and wanted to learn the other side of things... that was dope

  • @DarthAzreal
    @DarthAzreal 4 ปีที่แล้ว +3

    Thanks for this, I'm new to pentesting and whilst I have some of the basic skills at my disposal now, it's still a very steep learning curve. This video has been a huge help in getting started with a simple exploit procedure and I look forward to working my way through your other videos. Keep up the great work.

  • @VNMHCKR
    @VNMHCKR 5 ปีที่แล้ว

    One of the only channel that listens to their viewers.

  • @gauravpurswani3830
    @gauravpurswani3830 4 ปีที่แล้ว +4

    There is one more port(3632) which comes while doing full port scan(distcc), it is vulnerable and can be exploited with an exploit in metasploit. Doesn't give root but there is nmap suid to do privesc.

  • @Warlock1515
    @Warlock1515 6 ปีที่แล้ว +1

    Wow those python and malware series I am looking forward to! I enjoyed this video very much, I learned from it and I like how you started with hackthebox! Keep it up, thanks man!

  • @vishalsrivastava3498
    @vishalsrivastava3498 2 ปีที่แล้ว +1

    I loved your explanation
    Simple 🕶️

  • @whitehatgurutelugu9901
    @whitehatgurutelugu9901 4 หลายเดือนก่อน

    Your videos are amazing ... Please make a video on machine : " Sunday " , waiting for your video !!

  • @paulmorrey733
    @paulmorrey733 6 ปีที่แล้ว +6

    You made that look easy Thanks - hoping for more tutorials starting from (very) basic Cheers

  • @TheBiggestMacOfThemAll
    @TheBiggestMacOfThemAll 4 หลายเดือนก่อน

    Quick question, what payload are you using? I’m being a bit curious

  • @Pow_Mafia
    @Pow_Mafia 4 ปีที่แล้ว +2

    What payloads should I use?

  • @SrRunsis
    @SrRunsis ปีที่แล้ว

    quick tip to everyone using nmap, if you run Nmap 7.80 you are running a buggy version that will miss some stuff like the Samba version from the video. Just found this out doing a box. Install from source!
    (i.e. if you installed nmap using apt you are running the buggy version)

  • @patrickmoloney672
    @patrickmoloney672 2 หลายเดือนก่อน

    Vsftpd is not the way in this machine because the vulnerability is that you use a :) in the username prompt to get to the back door . Since we are user 331 in this scenario no username prompt was given.

  • @JohnDoe-gj2mv
    @JohnDoe-gj2mv 4 ปีที่แล้ว +1

    If you find that the nmap scripts won't work correctly, you can use the smb_version auxiliary module in metasploit.

  • @Slickjitz
    @Slickjitz 4 ปีที่แล้ว +8

    Does the exploit fail for anyone else?

    • @TheHydra122
      @TheHydra122 10 หลายเดือนก่อน +3

      Yes, i keep getting ''Exploit completed, but no session was created."

    • @Nathan-q3c2s
      @Nathan-q3c2s 9 หลายเดือนก่อน

      ​@@TheHydra122problem is likely that the LHOST is set to the wrong IP. One thing you can try is setting it to listen to tun0 which should be the IP used to connect to HTB. Type "set LHOST tun0" to reconfigure the listening ip and give that a whirl.

    • @l_s2701
      @l_s2701 9 หลายเดือนก่อน

      ​@@TheHydra122LHOST is likely misconfigured. Try setting the LHOST to your HTB IP with 'set LHOST tun0'.

    • @TheHydra122
      @TheHydra122 9 หลายเดือนก่อน

      Guys i know why. U also need to change IP for your VM machine.. it not shown in here, but this is what u have to do

    • @nithish5762
      @nithish5762 8 หลายเดือนก่อน

      @@TheHydra122what ip??

  • @Роберт-и8х
    @Роберт-и8х 5 ปีที่แล้ว +1

    Love you so much! Please make more video about ctf and getting in with blackbox.

  • @SForc3re
    @SForc3re 4 ปีที่แล้ว

    bro you are so awesome :)) thanks for any suggestion thing .. keep it up

  • @razmjumehdi9069
    @razmjumehdi9069 2 ปีที่แล้ว

    Is it good for me to solve Retired Labs? Or does it give me no ranking at all? For example, I will not become a Pro Hacker?

  • @keithp7010
    @keithp7010 2 ปีที่แล้ว

    Great vid! 🙏

  • @robinhood3841
    @robinhood3841 5 ปีที่แล้ว +1

    There is no wrongs but just use cd ../../../ to get out of hall directores instead of using single cd ..

  • @okbogdan4185
    @okbogdan4185 3 ปีที่แล้ว

    you make it look so easy.. we want more!

  • @Eliferatu
    @Eliferatu 11 หลายเดือนก่อน

    Can you find the binary inside the python library or you gotta go straight to the port?

  • @ottodobermann2030
    @ottodobermann2030 6 ปีที่แล้ว

    Awesome! I love your channel! Keep going!!!!

  • @user-cd5sg1kn6y
    @user-cd5sg1kn6y 5 ปีที่แล้ว +1

    Excellent video. Thank you!

  • @funreels6421
    @funreels6421 6 ปีที่แล้ว +4

    Please please make Linux course basic to very advanced

  • @filipkendes1866
    @filipkendes1866 6 ปีที่แล้ว

    awesome video. keep up this series

  • @surajgurung8491
    @surajgurung8491 6 ปีที่แล้ว

    which software did you use to write the code??? could you please explain me...thank you

  • @Kdaddyis
    @Kdaddyis 3 ปีที่แล้ว +1

    Is hack the box free..?

  • @ashleybishton742
    @ashleybishton742 4 ปีที่แล้ว

    The web application is vulnerable to SQL injection there's also login details on the database several admin users and several hashed passwords but I don't think it has nothing to do with the box in general. Just a point to make out if people are looking at if that way round.

  • @baidysall9591
    @baidysall9591 4 ปีที่แล้ว

    Thanks again for the Walkthrough

  • @trava4156
    @trava4156 5 ปีที่แล้ว

    what are you actually hacking into? what is your target and goal?

  • @ramonbalcarce-dd5uq
    @ramonbalcarce-dd5uq ปีที่แล้ว

    tengo un problema, no me escanea los puertos, me los ignora! necesito saber que puertos estan abiertos

  • @Solvente_e_Soluto
    @Solvente_e_Soluto 4 ปีที่แล้ว +1

    For connect to the ritired machines, you need to switch to VIP and pay?

  • @tenofhearts99
    @tenofhearts99 2 ปีที่แล้ว

    Start 2:15

  • @DhwanilThakkar1
    @DhwanilThakkar1 4 ปีที่แล้ว

    Is there a discord you run?

  • @alexman340
    @alexman340 4 ปีที่แล้ว

    I just starting, but I don't have this feature on my account.There is not an explanation on website also .Is there any tutorial beginner of this video?

  • @JohnDoe-vn6by
    @JohnDoe-vn6by 5 ปีที่แล้ว

    That box was really easy. It took nothing but the exploits from searchsploit to get into the system.

  • @ahmedpito
    @ahmedpito 3 หลายเดือนก่อน

    after seaching for samba 3.0.20 on metasploit, so many scripts appear, how/why did you pick the user_map_script??

  • @aawdawgegaeeawd699
    @aawdawgegaeeawd699 5 ปีที่แล้ว

    hello may i which app are you using for the split terminal?

  • @OMER3-1-3
    @OMER3-1-3 2 ปีที่แล้ว

    Excellent 😊

  • @levicampre3411
    @levicampre3411 5 ปีที่แล้ว +1

    HP I cant stick incompatible software since its more advanced till the end of time.

  • @nicolasno-name8990
    @nicolasno-name8990 4 ปีที่แล้ว +2

    î am pretty sure that there ls a confusion between searchsploit and metasploit

  • @selflearningcybersec
    @selflearningcybersec ปีที่แล้ว

    @HackerSploit why don;t you makes video on ctf, liked it very much, explanatory.

  • @Dragnerve.
    @Dragnerve. 6 ปีที่แล้ว

    I think its not "allowed" to post hackthebox walkthroughs since you need to solve a challenge to even be able to join them and get their content, but please tell me if i misunderstood.

    • @HackerSploit
      @HackerSploit  6 ปีที่แล้ว +1

      You are not allowed to upload active machines only retired

  • @olabanjidavid2512
    @olabanjidavid2512 4 หลายเดือนก่อน

    My port for the samba is showing closed after nmap

  • @liberator48
    @liberator48 6 ปีที่แล้ว

    So what exactly was the point to find in this exercise? A hash for the root user... what for? Are you sure you did it right?

    • @HackerSploit
      @HackerSploit  6 ปีที่แล้ว

      To obtain the flags

    • @liberator48
      @liberator48 6 ปีที่แล้ว

      @@HackerSploit What flags?

  • @42norbert
    @42norbert 6 ปีที่แล้ว

    You are smart. Thank you for your wisdom.

  • @menez031
    @menez031 5 ปีที่แล้ว

    What happens after that, does it then show as green in the main dashboard or do you need to do something with the info from the txt files?

  • @Killergaming23
    @Killergaming23 4 ปีที่แล้ว +1

    Bro
    Tell me that
    If host were not rooted then what's the way to open root directory
    Tell me
    Please
    Thanks 😃🤓

    • @bringyourowndrugs
      @bringyourowndrugs 4 ปีที่แล้ว +1

      sudo su
      passwd root
      Enter New Pass, confirm it
      Change user and Login Using Root and Pass

    • @Killergaming23
      @Killergaming23 4 ปีที่แล้ว

      Thanks

  • @rraassttoo
    @rraassttoo 6 ปีที่แล้ว

    Another HackTheBox thank you so much👍🏻

  • @prateekdubey5028
    @prateekdubey5028 4 ปีที่แล้ว

    This machine was having all metasploitable 2 vulnerability

  • @anonymousgang1414
    @anonymousgang1414 3 ปีที่แล้ว

    How did you record video bro my fps is very low with kazam

    • @Geethu_Giri
      @Geethu_Giri 3 ปีที่แล้ว

      Use windows recrder

  • @Super_Cool_Guy
    @Super_Cool_Guy 6 ปีที่แล้ว +10

    *My friend can you make a video on how to set up TOR with a VPN like ProtonVPN...thanks*

    • @nandaybirb6633
      @nandaybirb6633 6 ปีที่แล้ว +1

      Use the VPN client. Connect to TOR.... LOL

    • @Super_Cool_Guy
      @Super_Cool_Guy 6 ปีที่แล้ว +1

      @@nandaybirb6633 exactly how explain that stupid !

    • @nandaybirb6633
      @nandaybirb6633 6 ปีที่แล้ว +5

      @@Super_Cool_Guy You install the client the VPN provider gives you when you purchase it. They give you instructions on how to do so for your operating system. Then you download the TOR browser. If you can't figure that out on your own there is plenty of videos on how to do so or you can read the TOR documentation. You connect to the VPN with that client then you launch the TOR browser. BTW don't call people stupid when you're asking for help. It's counter inventive.

    • @Super_Cool_Guy
      @Super_Cool_Guy 6 ปีที่แล้ว +1

      @@nandaybirb6633*But you are an Stupid idiot, so what you advise is setup a VPN on the computer then run the TOR browser......so how will that give you access to the TOR network ......man you really are a DUMB idiot*

    • @GeneralMoh
      @GeneralMoh 6 ปีที่แล้ว +3

      @@Super_Cool_Guy You are so repulsive and cantankerous idiot ever existed! You need help yet you are insulting those you seek help from! Dumbass

  • @brettnieman3453
    @brettnieman3453 6 ปีที่แล้ว +1

    How would we do it without Metasploit?

  • @supermario1982171
    @supermario1982171 4 ปีที่แล้ว

    Great video learn so much from just watching yhis

  • @yannickpeter8607
    @yannickpeter8607 4 ปีที่แล้ว +1

    The hack depends on knowing the correct samba version (3.0.20) but my nmap scan (-sV -sC -A 10.10.10.3) does not show the version on port 139 or 445 or in host scripts. Just 3.X - 4.X
    So i wasnt able to hack the box. :'( any ideas why my scan is different to the one in the video?

    • @kavishgour3267
      @kavishgour3267 4 ปีที่แล้ว

      Run 'smbmap -H 10.10.10.3'
      you'll see the version in the comment section.

  • @saran-thiyagu
    @saran-thiyagu 5 ปีที่แล้ว +1

    Dude I have one doubt you hadn't set tha payload in metasploit....Then how you got the reverse shell...And what is the purpose of setting payload in metasploit.?? Please explain bro..

  • @hardwork3196
    @hardwork3196 5 ปีที่แล้ว

    hi, do you make more videos about hackthebox?

  • @AcezeroGame
    @AcezeroGame 6 ปีที่แล้ว

    Love from Nepal😇

    • @HackerSploit
      @HackerSploit  6 ปีที่แล้ว

      Greetings, and love to Nepal

    • @AcezeroGame
      @AcezeroGame 6 ปีที่แล้ว

      @@HackerSploit thanks and great fan of your videos

  • @secopsanalyst859
    @secopsanalyst859 4 ปีที่แล้ว +1

    Here is an easy walkthrough, 4 minute read
    medium.com/@fellsec/hackthebox-write-up-lame-31757ce0e395

  • @alexstomberg8230
    @alexstomberg8230 6 ปีที่แล้ว

    You should do the DEFCON CTF!

  • @FearlessSec
    @FearlessSec 5 ปีที่แล้ว

    Hey, Mr. Sploit, I try to connect to HTB, and I refresh my connection pack as they recommended, but i always get the error “fatal error” and I can’t do anything with the website. Have you heard of this and do you have any advice?

  • @michaelharfiee7463
    @michaelharfiee7463 4 ปีที่แล้ว

    hi,
    i love your video quite explainable and interesting
    am new to hackthebox and also pentesting mind sharing few tip on how to go by HOB

  • @A.M.1.
    @A.M.1. 3 ปีที่แล้ว +2

    This was an "easy" task.. I have absolutely no idea what you just did and what you solved for.. long story short.. WTF

  • @YovngPrince
    @YovngPrince 6 ปีที่แล้ว

    where is Exploit Development series? have you working on it?

  • @driftv8253
    @driftv8253 4 ปีที่แล้ว

    Can you please make a video of how to capture flags on HTB Multimaster

  • @haroon4088
    @haroon4088 5 ปีที่แล้ว

    what is vulna?>

  • @prafulmunde9821
    @prafulmunde9821 6 ปีที่แล้ว +1

    Hot the like button before watching video!

  • @raanonyms7926
    @raanonyms7926 5 ปีที่แล้ว

    why aren't making anymore HTB boxes

  • @hsupply7064
    @hsupply7064 2 ปีที่แล้ว

    When I ran the exploit it I got the same message as before I followed your guide exactly as you did it. Why do I keep getting exploit completed but no shell prompt like you did

    • @hsupply7064
      @hsupply7064 2 ปีที่แล้ว

      I figured it out for the people's session who does not start run a ifconfig then set your host to your net address and it will work

    • @jacobfurnish7450
      @jacobfurnish7450 ปีที่แล้ว

      @@hsupply7064 net address? What specifically do you mean i have the same issue

  • @j4ck_d4niels
    @j4ck_d4niels 4 ปีที่แล้ว

    Thanks a lot

  • @whitedavil9463
    @whitedavil9463 4 ปีที่แล้ว +1

    i have problem in net work access nmap scan i was connect woth openvpn

    • @bringyourowndrugs
      @bringyourowndrugs 4 ปีที่แล้ว +1

      YES same, did you find a solution to this?

    • @whitedavil9463
      @whitedavil9463 4 ปีที่แล้ว

      @@bringyourowndrugs no

    • @bringyourowndrugs
      @bringyourowndrugs 4 ปีที่แล้ว

      I'm guessing we need to be paid members to access

    • @whitedavil9463
      @whitedavil9463 4 ปีที่แล้ว

      @@bringyourowndrugs i have paid account

    • @bringyourowndrugs
      @bringyourowndrugs 4 ปีที่แล้ว +1

      @@whitedavil9463 ohh okay. Let me know if you find a solution.

  • @aaronmoore5295
    @aaronmoore5295 4 ปีที่แล้ว +1

    Anyone know the correct way to add LHOST ? I keep getting error “ exploit completed but no session created”

    • @danwood8084
      @danwood8084 4 ปีที่แล้ว

      same

    • @danwood8084
      @danwood8084 4 ปีที่แล้ว +1

      no payload thats why, did you figure it out

    • @aaronmoore5295
      @aaronmoore5295 4 ปีที่แล้ว +1

      Daniel Wood I figured it out

    • @aleamil3435
      @aleamil3435 3 ปีที่แล้ว

      same

    • @aleamil3435
      @aleamil3435 3 ปีที่แล้ว

      could you solve it?

  • @ir4640
    @ir4640 5 ปีที่แล้ว

    What are the ways to learn real world hacking

    • @ronin0x_
      @ronin0x_ 5 ปีที่แล้ว

      Ask Steve Wozniak.. He knows better

  • @dipanshujha7293
    @dipanshujha7293 6 ปีที่แล้ว

    Thanks dude

  • @offlife77
    @offlife77 5 ปีที่แล้ว

    AWESOME BRO

  • @unofficialcut
    @unofficialcut 5 ปีที่แล้ว +1

    More hackthebox please

  • @suyashtiwari7194
    @suyashtiwari7194 6 ปีที่แล้ว

    East or west hackersploit is best

  • @hewfrebie2597
    @hewfrebie2597 6 ปีที่แล้ว +1

    exploit for python or metasploit?
    Can't wait to see it!

  • @SD-Gamer
    @SD-Gamer 7 วันที่ผ่านมา

    'Hackersploit here'

  • @rikivivek98
    @rikivivek98 5 ปีที่แล้ว

    How your virtual box seems so fast...mine lag too much....as i use a laptop and have a 4gb ram....do i have to increase the ram??? Please help me

    • @octavian15202
      @octavian15202 5 ปีที่แล้ว

      You are trying to increase the ram on your laptop or your virtual box?

  • @mrvirtual6270
    @mrvirtual6270 6 ปีที่แล้ว

    What happened to shell scripting? Make more video about bin bash

  • @Agung-yk7hr
    @Agung-yk7hr 5 ปีที่แล้ว

    It paid?

  • @Xifpebo
    @Xifpebo 4 ปีที่แล้ว

    Where he got txt file?

  • @ayanchakraborty76
    @ayanchakraborty76 6 ปีที่แล้ว

    Please make a video about how to bypass cloudflare please sir

  • @deepadevi1347
    @deepadevi1347 4 ปีที่แล้ว

    Please do a tour of hackerrank , hackerearth, codechef...

  • @thedarkorien5036
    @thedarkorien5036 5 ปีที่แล้ว

    i couldnt find lame on hackthebox website could someone help please

  • @kyleolivier5685
    @kyleolivier5685 3 ปีที่แล้ว

    lmao, since when did this video become age restricted?

  • @LeonardoDeBrida
    @LeonardoDeBrida 6 ปีที่แล้ว

    Man, you should write a book haha, great vds, !!

  • @magiermexico
    @magiermexico 4 ปีที่แล้ว

    Great !!!

  • @prohat7674
    @prohat7674 5 ปีที่แล้ว

    Can you make more video like this

  • @fellsec2218
    @fellsec2218 5 ปีที่แล้ว

    Thanks

  • @shivamsubudhi8675
    @shivamsubudhi8675 5 ปีที่แล้ว

    What's your discord server

  • @acme-jammer
    @acme-jammer 4 ปีที่แล้ว

    I can't buy your courses on udemy since its a private course. I requested an invitation. Can you please send the invite

    • @andekarraju4499
      @andekarraju4499 4 ปีที่แล้ว

      Hey there are bunch of free courses available in udemy... About penetrationt testing.. With qualified certificates

  • @Arulraj_VIP
    @Arulraj_VIP 6 ปีที่แล้ว

    Nice vedio.....

  • @FalconeXX_
    @FalconeXX_ 6 ปีที่แล้ว

    ftp command not found , how can i set ftp in kali ?