Using only one binary for the password spraying part was very insightful! I actually think that it's better than using cat, grep and awk at the same time, when it comes to detection. Thank you for taking the time to explain all of that and also for going much further than just solving the box!
"never do math online" :) also: awk -F':' '/sh$/ {print $1;}' /etc/passwd (no need to specifically check last column since it's also the end of the whole line)
May I ask (at 11:01) why Netadmin was selected as a process of interest? There were several user accounts listed all with processes started by root. What's so special about netadmin? I noticed that all of the others except _laurel had a PPID of 1. Thanks.
Filtered/closed could be useful in rare cases (especially in CTF). For example if there is a firewall, it could tell you the port could be open but only accessible from the inside of the box (through things like SSRF), or a port knocking (a port that needs to be knocked to pass from filtered to open). It is what I guessed, but maybe I am wrong !
![Build a TikTok Clone in React Native and AWS Backend [Tutorial for Beginners] 🔴](http://i.ytimg.com/vi/7okW52MQgSE/mqdefault.jpg)
![Build a TikTok Clone in React Native and AWS Backend [Tutorial for Beginners] 🔴](/img/tr.png)
Using only one binary for the password spraying part was very insightful!
I actually think that it's better than using cat, grep and awk at the same time, when it comes to detection.
Thank you for taking the time to explain all of that and also for going much further than just solving the box!
The beyond-root-segment taught me a lot I didn't know. I appreciate you always going the extra mile.
Absolutely fantastic explanation. This was a learning experience.
freakin cool, it was really great understanding what's happening under the hood when we use reaver!
Loved the explanations while writing that bash script
So dope! Well done!
"never do math online" :)
also: awk -F':' '/sh$/ {print $1;}' /etc/passwd (no need to specifically check last column since it's also the end of the whole line)
Dud you are soo good a this, it’s crazy. I’m more and more thinking about stopping doing software and do security just because of those vids
Of all the things I should remember from watching the best walk throughs on the internet, I can't get "cat spray" out of my brain.
Thanks for the video and learning experience!
I love your content Ip, I just wish I didn't have to double my volume to hear you. :P
Loved the post root part thank you
Can you do a setup tour? I'd be interested in seeing what you work with and your kraken machine too.
Above and Beyond!
I enjoy the extra bits after root
That's great
awsome ippsec
Did you made a typo with the maths at the end? I'm confused 😭😅
yea he was wrong xD
Push!
The Great idea
May I ask (at 11:01) why Netadmin was selected as a process of interest? There were several user accounts listed all with processes started by root. What's so special about netadmin? I noticed that all of the others except _laurel had a PPID of 1. Thanks.
when i did this box. i tried every user which was listed on /home 😂😂😂
But you have a point. and i really wanna know about this
Just because that is who we are running as. The chance of root starting a process we can write to is greater.
Thanks @@ippsec :-) Still watching and still learning. Thanks for replying
Hello ipp, dis you have the chance to use Caido tool, it's like burp suit and it has an integrated AI, can do a video about it ?
Why don't you use --open in nmap scanning
Filtered/closed could be useful in rare cases (especially in CTF).
For example if there is a firewall, it could tell you the port could be open but only accessible from the inside of the box (through things like SSRF), or a port knocking (a port that needs to be knocked to pass from filtered to open).
It is what I guessed, but maybe I am wrong !
Love ippsec,but we have not proper pentest knowledge , please help us
1st comment 🎉
@aubcodell Interesting
!
Boring box !
Not worth 250$
Ipp, please post the write-up for cybermonday. I implore you 🥺
Cybermonday is still active… he can’t do that
@@_fr3d_ sniff sniff
Lol its intresting box you can play with