also more and more now I'm seeing 2 things I did not think I would see - 1. that learning tmux delivers a shell architecture that is très élégant, and 2. that learning vim also delivers a bunch of very quick ways to handle text that are oriented to the kind of data formatting we generally require... as much as I love nano and resisted vim... I'm starting to get it... like :%s/\s//g to "remove spaces" etc. etc.
thanks, IppSec! Oddly enough, I couldn't get the revised binpath to download and execute. It just never did anything for me. I ended up just putting my PS reverse shell script in the Downloads directory and configuring that as the revised binpath. That simplified the binpath command and worked just fine.
I'm really surprised .. I can't even reach the shell with just this exploit script .. (I've tried everything) I finally used burp for this and finally.. it worked
Who can help me I want to doing blunder box but i using parrot security when i want to enter to the web page still loading but when i use curl - x GET 10.10.10.191:80 i got the reponse back What the problem Am using firefox browser and chromium and the some thing still loading
@@johncollins9466 what can i edit in vpn file i download it from hackthebox and after that am using openvpn to connect I try using chromium but the some as Firefox no reponse
The "oh god" when not filtering on ICMP for tcpdump was hilarious, sums up a lot of my work day in enterprise IT lol
Great video as always, you always give me many new insights since my way of rooting this box was completely different!
Happy teachers day ippsec another great video from you i always appreciate the efforts keep up the awesome work
also more and more now I'm seeing 2 things I did not think I would see - 1. that learning tmux delivers a shell architecture that is très élégant, and 2. that learning vim also delivers a bunch of very quick ways to handle text that are oriented to the kind of data formatting we generally require... as much as I love nano and resisted vim... I'm starting to get it... like :%s/\s//g to "remove spaces" etc. etc.
iwr command is very useful. Thank you.
The way he said Oh my god at 17:58 cracked me up 😂😂😂
It is a Windows Server 2019, this OS should be safe againt Juicy Potato / RottenPotato, so why Rotten Potato in this machine works?
Do you use parrot OS now? If so what made you switch?
He is using HTB's pwnbox which is basically a web-based Parrot OS. (just to showcase it).
40:24 "that box is currently offline" Why? Are you replacing the 4x GTX 1080Ti's with 4x RTX 3090s? lol
It's being used for work, I disconnect it from the network when I'm cracking sensitive things.
Wait he already has the RTX 3090s??
Ankit Kumar No that was just a joke
Are there 2 intended ways? UsoSvc and local port service (not rogue potato)
If there was an IP for the nfs what would you have to do to get past that?
What theme is this ?
Why always a separate folder www is made when the code needs to be copied to the attack server to execute?
It doesn’t have to be. I just do it so I know what files I’m exposing via http.
@@ippsec oh I see, a very good practice indeed.
didn't explain why rogue potata would work on the machine
Say hello to hairy bagel group :)
Punisher - hi, i know you see it ))))
Great video!
Bloodyhell ssmith and hash was rabbit hole..now only I came to know😂😂
thanks, IppSec! Oddly enough, I couldn't get the revised binpath to download and execute. It just never did anything for me. I ended up just putting my PS reverse shell script in the Downloads directory and configuring that as the revised binpath. That simplified the binpath command and worked just fine.
I would like to see a live stream hax 🙃🙈
The aspx exploit is no longer available
🤗🤗
Awesome, thank's
Nice
For the life of me I cannot get a ping from this - anyone have any troubleshooting tips?
nice
I'm really surprised .. I can't even reach the shell with just this exploit script .. (I've tried everything) I finally used burp for this and finally.. it worked
Can you share your .bashrc file thanks
my guy...
@@johncollins9466 yoooh...you have turn IppSec channel to be a chatting room..LOL
CYBER MONSOON I remember him being named IppsecJr, so he is probably just a big fan
looks like @john hammend also know your channel 🙊
first
C++ second
PLEASE. DO TRYHACKME THROWBACK...
all the things all the time that is IppSec
Lol, you are using your own service that you configured before, not the intended way... /* On .
p.exe */, Why didn't you read the readme?
Who can help me
I want to doing blunder box but i using parrot security when i want to enter to the web page still loading but when i use curl - x GET 10.10.10.191:80 i got the reponse back
What the problem
Am using firefox browser and chromium and the some thing still loading
@@johncollins9466 Firefox
@@johncollins9466 i can ping it but when using gobuster or when i want to access web browser keep loading without reponse
@@johncollins9466 what can i edit in vpn file i download it from hackthebox and after that am using openvpn to connect
I try using chromium but the some as Firefox no reponse