Sorry to see the documentation steps dropped, they were interesting in their own right - also the video ends at 28:11 but then continues for almost 10 minutes as dead space.
@@Vogel42 DraugaDae has a valid point, seeing how recon works on his own machine can help others in reconning and understanding VulnBox/self made ctfs. I believe strongly that self ctfs are harder because you already know how stuff works but you need to have the attacker mind and how somebody else will approach it
Running Hydra against SSH - root user and using a password list containing the correct password didn't create a hit. Has anyone else seen Hydra perform false negatives?
This was one of your better quality presentations. Thanks. Beautiful job. You are inspiring me through all aspects of network, OS, and device security. ❤️❤️❤️
When doing sql queries, if you add \G to the end, it will show the fields in a vertical list which makes tables with a lot of fields sooo much easier to read. e.g., SELECT * FROM users\G;
hello IppSec i'm korean and I am watching your video well when I study. Anyway I have a question in this video What is the support ticket? and how does the authentication email appear in the ticket? I'd appreciate it if you could tell me
Excellent as always! That is why I always limit the SSH logon by Public/Private Keys and creating a dedicated group that is only allowed to SSH as well is locking in SSH traffic by specific IP address or subnets!
Can anyone recommend some webapp pentesting content? Recently sat OSCP and found web was my main weakness. Just looking for some good resources. Cheers
If you ever do a DCSYNC against a company, just try it and you'll be surprised. It's just how the rule files work that makes it beneficial, hard to explain without just doing it.
Kudos to such dedication towards the infosec community.
Sorry to see the documentation steps dropped, they were interesting in their own right - also the video ends at 28:11 but then continues for almost 10 minutes as dead space.
i don't think he needs to recon his own box :)
@@Vogel42 Can't imagine he needs to hack it either, yet here we are!
@@Vogel42 DraugaDae has a valid point, seeing how recon works on his own machine can help others in reconning and understanding VulnBox/self made ctfs. I believe strongly that self ctfs are harder because you already know how stuff works but you need to have the attacker mind and how somebody else will approach it
ippsec setup tour please
Lol that intro.. so I am gonna be biased and say it’s amazing.... 😂 😆
Anyway great video ippsec!!!!!
That was my first box on HTB. Thanks a lot for all your work.
Loved the walkthrough! Thanks ippsec
I did this the other day, it was a cool machine :)
Amazing Videos
Anyone know where i can find similar config for tmux like the one in IPPsec looks very nice to look at
Thank you
It's ippsec!!!
Audio is kind of wack at times. Is it on my end or anyone else having problems as well?
I agree, it's a bit painful to watch with headphones
Ippsec OP
Are we gonna get ippsec face cam now that we seen his face?
Running Hydra against SSH - root user and using a password list containing the correct password didn't create a hit. Has anyone else seen Hydra perform false negatives?
Solving your own box lol, I loved this box though keep it up please
a how-to-create-a-ctf-machine would be a great tutorial :)
This was one of your better quality presentations. Thanks. Beautiful job. You are inspiring me through all aspects of network, OS, and device security.
❤️❤️❤️
When doing sql queries, if you add \G to the end, it will show the fields in a vertical list which makes tables with a lot of fields sooo much easier to read. e.g., SELECT * FROM users\G;
hello IppSec i'm korean and I am watching your video well when I study.
Anyway I have a question in this video
What is the support ticket? and how does the authentication email appear in the ticket?
I'd appreciate it if you could tell me
I enjoyed this box. I thought the foothold method required a bit of "outbox thinking" =)
Finally Ippsec's face reveal 😌
Where?
@@EnglishItalian1 goto Hackthebox official channel with he is with JohnHammond
Excellent as always! That is why I always limit the SSH logon by Public/Private Keys and creating a dedicated group that is only allowed to SSH as well is locking in SSH traffic by specific IP address or subnets!
Can anyone recommend some webapp pentesting content? Recently sat OSCP and found web was my main weakness. Just looking for some good resources. Cheers
Damn!!! Your box is original, there's the hunting logic, detailed and yet fast enough...
You nailed it! 💯🔥
Great 1 as isual! That python smtp script was brilliant!
thanks for the box and for the walkthrough
did not understand why you would chuck the plaintext pass in hashcat again. It would not even be a valid hash
If you ever do a DCSYNC against a company, just try it and you'll be surprised. It's just how the rule files work that makes it beneficial, hard to explain without just doing it.
Push!
1st
Sir what about setting up htb vms with nginx??
And the guy who found this bug was inti , asome hacker🔥
You do know that a face increases engagement substantially..
Dude this is not a Beyonce concert…
I’m here to teach, not be popular or an influencer. The cam gets in the way of text and doesn’t have any real benefit
@@ippsec the first thing to do with a new laptop sticker the webcam lens. :) greetts @rootsh3ll1
Bro we are here for the content and methodology. Camera would be an irrelevant adittion.
@@ippsec The cam gets in the way of text, nicely put