Great video as always. I notice you do some blue team stuff on occasions, it would be really interesting to see some stuff on Windows logs, particually on tracking activity from a user from login to logout if you have anything cool to show.
Wow I spent so much time on that initial foothold ! I made it work without the '/' by using php -r exec(base64_decode(EXPLOIT_B64)). Even there I had problem executing /bin/sh and /bin/bash. I'm impressed with the mv .sh .html thing to reverse shell move. ggs
Awesome Walkthrough IPPSEC, Thanks for showing your metheodology for the log analysis and password extraction. I was waiting for your video till Investigation retired. When I did the box, I had to manaully search special characters using VS code which was daunting. Thanks once again.
There’s a part that I don’t think it makes sense. In your Perl example, you’ve specified the pipe character in the path of the file “TheFile” whose content will be executed. However, this wasn’t the case against the target in which you’ve injected your command in the file name without touching the content of the image. In the latter case, the file content was not executed as was the case in the former Perl example. I would appreciate your clarification on this. Thanks for the video!
So in the Demo i showcase perl executing a command when opening a file. Exiftool has to open files to read the metadata. I put the RCE as the filename so when exiftool went to open the file it executed the command instead.
Thanks for the videos. I am having a problem viewing gobuster output, i tried less,vim even nano, but i keep seeing those weird coloring symbols. How can i view it correctly??
solid reversing, I went the lazy strings binary route 😆
Great video as always. I notice you do some blue team stuff on occasions, it would be really interesting to see some stuff on Windows logs, particually on tracking activity from a user from login to logout if you have anything cool to show.
Please make more vd for advanced techniques red team and pivoting
dunno where we would be without you
Wow I spent so much time on that initial foothold ! I made it work without the '/' by using php -r exec(base64_decode(EXPLOIT_B64)). Even there I had problem executing /bin/sh and /bin/bash. I'm impressed with the mv .sh .html thing to reverse shell move. ggs
differing 404 pages would suggest Apache/NGINX is a reverse proxy in front some other server like Python Flask or something, right?
Awesome Walkthrough IPPSEC, Thanks for showing your metheodology for the log analysis and password extraction. I was waiting for your video till Investigation retired. When I did the box, I had to manaully search special characters using VS code which was daunting. Thanks once again.
There’s a part that I don’t think it makes sense. In your Perl example, you’ve specified the pipe character in the path of the file “TheFile” whose content will be executed. However, this wasn’t the case against the target in which you’ve injected your command in the file name without touching the content of the image. In the latter case, the file content was not executed as was the case in the former Perl example. I would appreciate your clarification on this.
Thanks for the video!
So in the Demo i showcase perl executing a command when opening a file. Exiftool has to open files to read the metadata. I put the RCE as the filename so when exiftool went to open the file it executed the command instead.
Epic
Great walkthrough
I can't digest that 1 dislike.
Push!
Its appear very small letters whatever giving information please increse sizes of words
Thanks for the videos. I am having a problem viewing gobuster output, i tried less,vim even nano, but i keep seeing those weird coloring symbols. How can i view it correctly??
Use less with -R
Pass it to less, and then pass it to more. This will give you more of less
@@kariminal2999 Thanks man
Hey ippsec....❤