also more and more now I'm seeing 2 things I did not think I would see - 1. that learning tmux delivers a shell architecture that is très élégant, and 2. that learning vim also delivers a bunch of very quick ways to handle text that are oriented to the kind of data formatting we generally require... as much as I love nano and resisted vim... I'm starting to get it... like :%s/\s//g to "remove spaces" etc. etc.
thanks, IppSec! Oddly enough, I couldn't get the revised binpath to download and execute. It just never did anything for me. I ended up just putting my PS reverse shell script in the Downloads directory and configuring that as the revised binpath. That simplified the binpath command and worked just fine.
I'm really surprised .. I can't even reach the shell with just this exploit script .. (I've tried everything) I finally used burp for this and finally.. it worked
Who can help me I want to doing blunder box but i using parrot security when i want to enter to the web page still loading but when i use curl - x GET 10.10.10.191:80 i got the reponse back What the problem Am using firefox browser and chromium and the some thing still loading
@@johncollins9466 what can i edit in vpn file i download it from hackthebox and after that am using openvpn to connect I try using chromium but the some as Firefox no reponse
The "oh god" when not filtering on ICMP for tcpdump was hilarious, sums up a lot of my work day in enterprise IT lol
Happy teachers day ippsec another great video from you i always appreciate the efforts keep up the awesome work
Great video as always, you always give me many new insights since my way of rooting this box was completely different!
The way he said Oh my god at 17:58 cracked me up 😂😂😂
iwr command is very useful. Thank you.
also more and more now I'm seeing 2 things I did not think I would see - 1. that learning tmux delivers a shell architecture that is très élégant, and 2. that learning vim also delivers a bunch of very quick ways to handle text that are oriented to the kind of data formatting we generally require... as much as I love nano and resisted vim... I'm starting to get it... like :%s/\s//g to "remove spaces" etc. etc.
40:24 "that box is currently offline" Why? Are you replacing the 4x GTX 1080Ti's with 4x RTX 3090s? lol
It's being used for work, I disconnect it from the network when I'm cracking sensitive things.
Wait he already has the RTX 3090s??
Ankit Kumar No that was just a joke
It is a Windows Server 2019, this OS should be safe againt Juicy Potato / RottenPotato, so why Rotten Potato in this machine works?
Do you use parrot OS now? If so what made you switch?
He is using HTB's pwnbox which is basically a web-based Parrot OS. (just to showcase it).
Are there 2 intended ways? UsoSvc and local port service (not rogue potato)
Great video!
I would like to see a live stream hax 🙃🙈
What theme is this ?
If there was an IP for the nfs what would you have to do to get past that?
Bloodyhell ssmith and hash was rabbit hole..now only I came to know😂😂
Say hello to hairy bagel group :)
Punisher - hi, i know you see it ))))
Why always a separate folder www is made when the code needs to be copied to the attack server to execute?
It doesn’t have to be. I just do it so I know what files I’m exposing via http.
@@ippsec oh I see, a very good practice indeed.
The aspx exploit is no longer available
didn't explain why rogue potata would work on the machine
Awesome, thank's
Nice
thanks, IppSec! Oddly enough, I couldn't get the revised binpath to download and execute. It just never did anything for me. I ended up just putting my PS reverse shell script in the Downloads directory and configuring that as the revised binpath. That simplified the binpath command and worked just fine.
🤗🤗
nice
For the life of me I cannot get a ping from this - anyone have any troubleshooting tips?
my guy...
@@johncollins9466 yoooh...you have turn IppSec channel to be a chatting room..LOL
CYBER MONSOON I remember him being named IppsecJr, so he is probably just a big fan
I'm really surprised .. I can't even reach the shell with just this exploit script .. (I've tried everything) I finally used burp for this and finally.. it worked
looks like @john hammend also know your channel 🙊
Can you share your .bashrc file thanks
PLEASE. DO TRYHACKME THROWBACK...
all the things all the time that is IppSec
first
C++ second
Lol, you are using your own service that you configured before, not the intended way... /* On .
p.exe */, Why didn't you read the readme?
Who can help me
I want to doing blunder box but i using parrot security when i want to enter to the web page still loading but when i use curl - x GET 10.10.10.191:80 i got the reponse back
What the problem
Am using firefox browser and chromium and the some thing still loading
@@johncollins9466 Firefox
@@johncollins9466 i can ping it but when using gobuster or when i want to access web browser keep loading without reponse
@@johncollins9466 what can i edit in vpn file i download it from hackthebox and after that am using openvpn to connect
I try using chromium but the some as Firefox no reponse