Sorry to see the documentation steps dropped, they were interesting in their own right - also the video ends at 28:11 but then continues for almost 10 minutes as dead space.
@@Vogel42 DraugaDae has a valid point, seeing how recon works on his own machine can help others in reconning and understanding VulnBox/self made ctfs. I believe strongly that self ctfs are harder because you already know how stuff works but you need to have the attacker mind and how somebody else will approach it
This was one of your better quality presentations. Thanks. Beautiful job. You are inspiring me through all aspects of network, OS, and device security. ❤️❤️❤️
Excellent as always! That is why I always limit the SSH logon by Public/Private Keys and creating a dedicated group that is only allowed to SSH as well is locking in SSH traffic by specific IP address or subnets!
When doing sql queries, if you add \G to the end, it will show the fields in a vertical list which makes tables with a lot of fields sooo much easier to read. e.g., SELECT * FROM users\G;
Running Hydra against SSH - root user and using a password list containing the correct password didn't create a hit. Has anyone else seen Hydra perform false negatives?
hello IppSec i'm korean and I am watching your video well when I study. Anyway I have a question in this video What is the support ticket? and how does the authentication email appear in the ticket? I'd appreciate it if you could tell me
If you ever do a DCSYNC against a company, just try it and you'll be surprised. It's just how the rule files work that makes it beneficial, hard to explain without just doing it.
Can anyone recommend some webapp pentesting content? Recently sat OSCP and found web was my main weakness. Just looking for some good resources. Cheers
Sorry to see the documentation steps dropped, they were interesting in their own right - also the video ends at 28:11 but then continues for almost 10 minutes as dead space.
i don't think he needs to recon his own box :)
@@Vogel42 Can't imagine he needs to hack it either, yet here we are!
@@Vogel42 DraugaDae has a valid point, seeing how recon works on his own machine can help others in reconning and understanding VulnBox/self made ctfs. I believe strongly that self ctfs are harder because you already know how stuff works but you need to have the attacker mind and how somebody else will approach it
Kudos to such dedication towards the infosec community.
This was one of your better quality presentations. Thanks. Beautiful job. You are inspiring me through all aspects of network, OS, and device security.
❤️❤️❤️
Damn!!! Your box is original, there's the hunting logic, detailed and yet fast enough...
You nailed it! 💯🔥
Lol that intro.. so I am gonna be biased and say it’s amazing.... 😂 😆
Anyway great video ippsec!!!!!
Excellent as always! That is why I always limit the SSH logon by Public/Private Keys and creating a dedicated group that is only allowed to SSH as well is locking in SSH traffic by specific IP address or subnets!
ippsec setup tour please
That was my first box on HTB. Thanks a lot for all your work.
When doing sql queries, if you add \G to the end, it will show the fields in a vertical list which makes tables with a lot of fields sooo much easier to read. e.g., SELECT * FROM users\G;
Solving your own box lol, I loved this box though keep it up please
Loved the walkthrough! Thanks ippsec
Great 1 as isual! That python smtp script was brilliant!
I did this the other day, it was a cool machine :)
thanks for the box and for the walkthrough
Running Hydra against SSH - root user and using a password list containing the correct password didn't create a hit. Has anyone else seen Hydra perform false negatives?
Finally Ippsec's face reveal 😌
Where?
@@EnglishItalian1 goto Hackthebox official channel with he is with JohnHammond
I enjoyed this box. I thought the foothold method required a bit of "outbox thinking" =)
a how-to-create-a-ctf-machine would be a great tutorial :)
hello IppSec i'm korean and I am watching your video well when I study.
Anyway I have a question in this video
What is the support ticket? and how does the authentication email appear in the ticket?
I'd appreciate it if you could tell me
did not understand why you would chuck the plaintext pass in hashcat again. It would not even be a valid hash
If you ever do a DCSYNC against a company, just try it and you'll be surprised. It's just how the rule files work that makes it beneficial, hard to explain without just doing it.
Amazing Videos
Push!
Anyone know where i can find similar config for tmux like the one in IPPsec looks very nice to look at
Thank you
Can anyone recommend some webapp pentesting content? Recently sat OSCP and found web was my main weakness. Just looking for some good resources. Cheers
It's ippsec!!!
And the guy who found this bug was inti , asome hacker🔥
Audio is kind of wack at times. Is it on my end or anyone else having problems as well?
I agree, it's a bit painful to watch with headphones
Sir what about setting up htb vms with nginx??
1st
Ippsec OP
You do know that a face increases engagement substantially..
Dude this is not a Beyonce concert…
I’m here to teach, not be popular or an influencer. The cam gets in the way of text and doesn’t have any real benefit
@@ippsec the first thing to do with a new laptop sticker the webcam lens. :) greetts @rootsh3ll1
Bro we are here for the content and methodology. Camera would be an irrelevant adittion.
@@ippsec The cam gets in the way of text, nicely put