Nice! I really like the second unintended method because it shows whoever discovered this, knew how the code works in deep depth and how to exploit it. That's something I need to get good at!
Haha nope didn't really know the code in depth. Had looked in depth after finding it, null bytes is something I try a lot and when it didn't throw an error at upload, but the file never existed. Started debugging it and discovered what happened.
I remember popping this box. Figuring out the proper formatting for the file extension bypass was a pain. Trying all of them and also figuring out how to format it was educational. Once I got a foothold with that, it was a lot easier.
Great video! I actually have a few questions about the machine. There're actually two files that we can perform SQLi : product.php as shown in the video and cart.php at product_id parameter. However, we cannot write files with cart.php and I couldn't figure out why. Also for the lfi part, we can't include the file if the php file was written to /tmp directory. I was able to perform it on my machine but the machine didn't like /tmp.
There is tons of discord server where people do box together or help others people ;) That's also why i find the ranking a bit useless for most people, i interviewed a guy who was 48 or 58 on the ranking but didnt answer basic web question like what is a SSRF, didnt know what Magic bytes are...
You can't spell Zipping without Ipp
Doesn’t make any sense
Nice! I really like the second unintended method because it shows whoever discovered this, knew how the code works in deep depth and how to exploit it. That's something I need to get good at!
Haha nope didn't really know the code in depth. Had looked in depth after finding it, null bytes is something I try a lot and when it didn't throw an error at upload, but the file never existed. Started debugging it and discovered what happened.
I remember popping this box. Figuring out the proper formatting for the file extension bypass was a pain. Trying all of them and also figuring out how to format it was educational. Once I got a foothold with that, it was a lot easier.
I always learn sth new by watching you videos.TY
Amazing. Always great to see ippsec video
Great video! I actually have a few questions about the machine. There're actually two files that we can perform SQLi : product.php as shown in the video and cart.php at product_id parameter. However, we cannot write files with cart.php and I couldn't figure out why.
Also for the lfi part, we can't include the file if the php file was written to /tmp directory. I was able to perform it on my machine but the machine didn't like /tmp.
/tmp is a dangerous directory because of SystemD PrivateTmp. MySQL and Apache have different tmp directories.
Keep it up
It is really hard to see urls and payloads on browser address bar. Can you zoom a little when working on address bar? Thanx in advance.
Learned so much from this one :) Tnq sir
Can you kindly tell which keyboard you are using ?
Ducky Zero with cherry mx reds.
Yay
Push!
Sir I have many issue's on bookworm machine please could you help me to solve it 😉
There is tons of discord server where people do box together or help others people ;) That's also why i find the ranking a bit useless for most people, i interviewed a guy who was 48 or 58 on the ranking but didnt answer basic web question like what is a SSRF, didnt know what Magic bytes are...
@@trustedsecurity6039 thanks for your suggestion thanks a lot 🫡
i REALLY struggled with this one
Hi guys, beginner quest here, I should avoid use Ubuntu as main operating system ? Ippsec uses windows ?
Ippsec uses Parrot OS - HackTheBox Edition
@@younests.1824 vm or main host ?
Miss you sir , plz repying
قولها تاني كدا يحب
I hate watching your videos. I try hard to be on your level but I can't. You make things look easy, I'm thinking of staying away from this field
peace