ippsec i am so amazed that your channel is so organized and consistent as well as putting timestamps in each video you release i do not know how thank you, you made it easy for us to learn i appreciate it too much 🖤🖤
This is such good information. It's surprising that DLL hijacking isn't talked about more in this community. This is core education for any aspiring red teamer.
Maybe these shortcuts don't work if you're in a vm, but on windows 10 if you hit win+x it will open a menu, if you then hit i, it will open powershell, if you do win+x and then a, it will open powershell as admin. These shortcuts work for the english version of windows, other languages sometimes have other keys once you're inside the menu. Very informative video!
Thank you for sharing another great video. I'm grateful for the knowledge you've shared. I've lived in this area for 10 years and I'm excited to share this with my team, especially with the "kids". Your video will help them understand the topic much faster than my long and sometimes boring lectures.
lul 14:55 "Let's see... is there a process name?" >Proceeds to pass directly over "Process Name" no less than 3 times. Great video all the same. Subscribed.
It’s not high on my priority list because it’s not valuable for defenders to understand that concept. I try to keep it at a basics level for red team stuff.
Hey ippsec, I am not able to cd or dir ..\.dotnet\ I tried different ways but it is not working. I am using Windows 11. is it the one causing issues or what is it ?
I fell like you are quite swifty with winapi, any tips? Maybe some video with basics? I don't know why but when I see MS documentation I just want to puke, I barely understand anything
can you do priv esc with this? Find some app running as system with a missing dll and slap a fake dll into writeable path to run some commands would be my guess
@@hexagon6290 you dont need to replace an existing DLL for that... i didnt looked the video so idk if ippsec talks about it but im sure he did, you just see what DLL isnt found by known software installed in the victim workstation on a writable directory
such good info... and doing it live helps a lot to avoid those 'natural' mistakes... ps: you site design seems just useful... no sh***... just all the juice...
No worries, I plan on uploading raw clips or redoing them like this one for the YT. I’m just more comfortable in interacting with people live if there’s no record of it. I may setup the patreon again and post recordings there, just don’t want to do it before it’s a routine
Man oh man. More of this type of content please. Anyone know of a way to bypass cdn or cloud providers to find origin IP? My trusty python script that always works is failing on some of these cloud hosted sites or cloud firewall
ippsec i am so amazed that your channel is so organized and consistent as well as putting timestamps in each video you release i do not know how thank you, you made it easy for us to learn i appreciate it too much 🖤🖤
This is such good information. It's surprising that DLL hijacking isn't talked about more in this community. This is core education for any aspiring red teamer.
It is talked a lot but you dont see it because you just look at channel where only basic stuff is teach
So MANY of the episodes are bangers
Maybe these shortcuts don't work if you're in a vm, but on windows 10 if you hit win+x it will open a menu, if you then hit i, it will open powershell, if you do win+x and then a, it will open powershell as admin.
These shortcuts work for the english version of windows, other languages sometimes have other keys once you're inside the menu.
Very informative video!
Thank you for sharing another great video. I'm grateful for the knowledge you've shared. I've lived in this area for 10 years and I'm excited to share this with my team, especially with the "kids". Your video will help them understand the topic much faster than my long and sometimes boring lectures.
lul
14:55 "Let's see... is there a process name?"
>Proceeds to pass directly over "Process Name" no less than 3 times.
Great video all the same. Subscribed.
It is always a pleasure watching Your videos. Thank You Ippsec!
OMG Nice timing ippsec! was doing a thick client test and actually trying some dll hijacking stuff. lol this is really helpful.
The right daily dose of cyber security, thank you so much for this awesome demo.so well explained.
😁wow that’s cool 👍the best part
Amazing video IppSec, thanks
Me at 8 in the morning after many hours of HTB "Im in a weird state" xD Love your videos, very organized and just full of information 👌
Thanks for the amazing content IppSec! Love your channel, keep em coming!
Amazing content, thanks for sharing
wow this video showed a couple of cool ideas, which were unknown to me. got my sub
Very Helpful! Please do more like this. Thanks!
thanks for the video...it would be great if you share some evasion techniques of (modern AV/EDR..) using DLL hijacking.
That sounds like a very dangerous thing to share. I wouldn't do a video on something so weaponizable.
Just use base64 encoding works all the time
Offensive Security has entered the chat.
@@ippsec if I'm not wrong your doing part of cybersecurity and penetration testing and of course they are part of it any thanks you help us every day😊
pepsic is an anagram of ippsec.
Amazing video.Thank you ❤️
Pretty awesome !
you are great, i love it
More persistence and slipping under the radar! :D
this is so awesome
Another great video...
Amazing info
Being new at DLL hijacking, I am having trouble understanding how DLL proxying works. Would love a dedicated video about that topic. Cheers!
It’s not high on my priority list because it’s not valuable for defenders to understand that concept. I try to keep it at a basics level for red team stuff.
If anyone is curious like myself about DLL proxying, check this out ruclips.net/video/tSdyfaJ7T50/видео.html
Helpful videos! Love your content.
Would love to catch a live stream some day on Twitch.
Wow)) It is fantastic
Hey ippsec, I am not able to cd or dir ..\.dotnet\ I tried different ways but it is not working. I am using Windows 11. is it the one causing issues or what is it ?
Oh didn't realize you are on Twitch now. I'll be sure to check out your streams.
thnaks for content !
But is is possible to write the code that you did in c++ with c#? Because when i do it and i try i'm getting error trying to access peotected memory
Great video!
I fell like you are quite swifty with winapi, any tips? Maybe some video with basics? I don't know why but when I see MS documentation I just want to puke, I barely understand anything
Wonderful.
❤️
If cscapi.dll is replaced by your customized one, won't it affect the normal behavior of explorer.exe?
Normally if you don’t use a dll proxy technique yes. However, I think explorer just imports cscapi but doesn’t use it
can you do priv esc with this? Find some app running as system with a missing dll and slap a fake dll into writeable path to run some commands would be my guess
Yes, that is certainly possible.
Some apps you can replace a DLL they load with your own and gain privs that way
@@hexagon6290 yeah thats the goal, I need to find some weak (writeable and loading dlls that arent in KnownDlls) file running as NT Authority.
@@hexagon6290 you dont need to replace an existing DLL for that... i didnt looked the video so idk if ippsec talks about it but im sure he did, you just see what DLL isnt found by known software installed in the victim workstation on a writable directory
such good info...
and doing it live helps a lot to avoid those 'natural' mistakes...
ps: you site design seems just useful... no sh***... just all the juice...
hey ippsec. Is it possible to watch the twitch live stream history?
Nope, think i said it at the start of the video but at this time, I don't plan on releasing VOD's for my streams.
@@ippsec I'm sorry I missed it. By the way, thanks for everything you taught me.
No worries, I plan on uploading raw clips or redoing them like this one for the YT. I’m just more comfortable in interacting with people live if there’s no record of it. I may setup the patreon again and post recordings there, just don’t want to do it before it’s a routine
sir you did not show how to fix it
Waw, u r such a gem
I got a cat ?
Can you do more content about win api with c
heeyyy
Man oh man. More of this type of content please. Anyone know of a way to bypass cdn or cloud providers to find origin IP? My trusty python script that always works is failing on some of these cloud hosted sites or cloud firewall
ipp
dll
The website needs a domain renewal. Anyway thanks for the content.
First
Ippsec thank you very much