This was amazing!!! thank you. I love how you take us through this really long learning path of swapping out the architecture and finally getting the metasploit payload to work. Then right at the end you do in a second by using Evil-WinRM and the powershell script. This was an immensely fun box.
Must say that I liked more the videos where you solved the machines for the first time on the video itself, but you're rocks this way too of course, well done ;)
This is really interesting timing considering I spent most of yesterday turning off FTP, SMB and changing SNMP community strings for a lot of printers in our environment, and changing default passwords if I found any…
Great video! Question, when you created the MsfVenom exploit file, are we able to specify/use a non-meterpreter payload too? and if we go that route can I use netcat instead of metasploit to catch the shell?
5:33 how to make Firefox to run whatever we type to execute as domain instead of default Google search. Cus when ever I type an IP address it takes me to Google. I have to type http at least at the beginning.
He is using the htb parrot machine , which comes with a bunch of pre-installed tools , but if u want i guess u can just git clone and install the requirements
hello can you make the new machine removed from hackthebox OBJECT please!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
This was amazing!!! thank you.
I love how you take us through this really long learning path of swapping out the architecture and finally getting the metasploit payload to work.
Then right at the end you do in a second by using Evil-WinRM and the powershell script.
This was an immensely fun box.
MFP certainly stands for MultiFunction Printer and nothing else, I can't think of any other (possibly obscene) meaning for the letters M and F.
Correct.
Correct x2.
Must say that I liked more the videos where you solved the machines for the first time on the video itself, but you're rocks this way too of course, well done ;)
This is really interesting timing considering I spent most of yesterday turning off FTP, SMB and changing SNMP community strings for a lot of printers in our environment, and changing default passwords if I found any…
So the intended way was way I didn't even notice. Nice.
Great video! Question, when you created the MsfVenom exploit file, are we able to specify/use a non-meterpreter payload too? and if we go that route can I use netcat instead of metasploit to catch the shell?
Waaao. I like very much this. I am happy for this tutorials.
i was waiting for it🥰
Thanks Ippsec! Great video!
🔥🔥 awesome, thanks for interest content
Good job bro
What happened at 33:44? The exploit created session 5 before you Ctrl+c?
Thank you for your videos, IppSec.
Great!
5:33 how to make Firefox to run whatever we type to execute as domain instead of default Google search. Cus when ever I type an IP address it takes me to Google. I have to type http at least at the beginning.
👏🏻👏🏻👏🏻👏🏻👏🏻👏🏻👏🏻
Wouldn't uploading the SCF file to an MFP as a firmware update in a prod environment potentially break the MFP?
@3:00 would 389 be open if it was a DC / TGS?
I checked the patreon for peass, and there’s only 1 extra patreon :(
I will - the MFA for my patreon is setup to an old phone. So I'm locked out temporarily lol
@@ippsec that is ironic lol
This is called penetration testing right?
That would be the job title?
crack dealer
Yeah penetration hardens the system iukwim
Thanks ippsec nice video
IPP/CUPS is 631? I've forgotten what lpd is...lost in the annals of time...let's see what happens here...
515 I think...however, it's Windows which is being attacked, not the printer :-)
How did u install evilwinrm on parrot os? Im having trouble installing it thats y
He is using the htb parrot machine , which comes with a bunch of pre-installed tools , but if u want i guess u can just git clone and install the requirements
prince
O.k. Ok... wtf is a "lull bend"?!?! lol Google gives me nothing!
first veiw
Check out my writeup 😁😁
No
hello can you make the new machine removed from hackthebox OBJECT please!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!