I'm not sure what I'm more impressed by. It's either, that he's talking on 1.5x speed by default, without a single mistake or that he's hacking the machine with the same kind of routine and ease as I tie my shoelaces.
Would love to see an active directory cloud setup and attack vid. There are some out there, I just really like your style. Regardless, thanks for all the great vids
Hi IppSec, great video btw! Can you please share the contents of your /opt/ directory (Assuming it only contains open-source utilities). Thx in advance!
@@ippsec I appreciate your prompt response! I was just wondering if there was some sort of a list of tools that you commonly use for such exercises; It can be quite annoying to do all the things manually, only to find in the end that there is already a handy utility made for the same thing.
@@ippsec Sorry, I just realised that my initial comment was not phrased correctly; I was not looking for the actual contents of your /opt/ directory xD I was wondering if you can share the tool names that you use (From what I've seen in your videos, the parent folders are named the same, so something like an "ls" output would do).
Very nice video. I had an issue though. When I applied the cert vuln and running Certify again, "Server Authentication" was not there. Client and SmartCard were. Dunno why since I copied the same thing from the blogpost.
Watching this with absolute no clue as to what he is doing, but fully captivated.
I'm not sure what I'm more impressed by.
It's either, that he's talking on 1.5x speed by default, without a single mistake or that he's hacking the machine with the same kind of routine and ease as I tie my shoelaces.
Master piece!! I was looking for something like this in order to understand Certified Pre-Owned, outstanding explanation.
I was expecting a fire mixtape when i clicked this and stayed because of your calming voice. Thanks i guess :D
ahhahaha holy shit I was feeling the same :d
Would love to see an active directory cloud setup and attack vid. There are some out there, I just really like your style.
Regardless, thanks for all the great vids
I had to watch this. It was so hypnotic.
Gonna watch tonight. 🙌
Ippsec rocks! 🔥
bro you soooooo gooood respect
Another wonderful walkthrough
Thank you for this video! I learned so much from it
yay.... finally long video
Great explanation!
I just missed the part where you found out the username to be "localadmin" of the smb share?
He got the hash of that password with responder, and the hashes have the name:domain:hash structure
NetNTLMv2 hash captured by responder.
Hi IppSec, great video btw!
Can you please share the contents of your /opt/ directory (Assuming it only contains open-source utilities).
Thx in advance!
Sorry, nope. There’s potentially sensitive things created by the tools in there. For example responder stores hashes in responder.db
@@ippsec I appreciate your prompt response!
I was just wondering if there was some sort of a list of tools that you commonly use for such exercises;
It can be quite annoying to do all the things manually, only to find in the end that there is already a handy utility made for the same thing.
@@ippsec Sorry, I just realised that my initial comment was not phrased correctly; I was not looking for the actual contents of your /opt/ directory xD
I was wondering if you can share the tool names that you use
(From what I've seen in your videos, the parent folders are named the same, so something like an "ls" output would do).
Watch some 10-15 videos and take notes as you go. You'll quickly figure out which tools are essential and which are added "as you go".
Nice.
Very nice video. I had an issue though. When I applied the cert vuln and running Certify again, "Server Authentication" was not there. Client and SmartCard were. Dunno why since I copied the same thing from the blogpost.
what is the name of this theme programming, I do not understand
responder is such a great tool!
Good video!
How is it possible that this box was rooted in 26 minutes? A zero day that we don't know?
The creator had set the admin password of the docker to the same thing as the host. So there was an unintended where you could pass the hash
❤️
From which playlist of you i can start for ctf plz answer
Grate to watch Kermit the frog doing this
What operating system are you using
first, what is the terminal he used, so that it can be split into multiple screen when necessary?
tmux
What is your linux distribution? or you working on mac?
👏🏻👏🏻👏🏻👏🏻👏🏻
Where and how can I learn the prerequisites for this info
damn it, i was hoping that intended way is not through cert
Where did my comment about chisel go?
No idea, I never saw a comment about chisel and don't see one in the "held for review" section.
@@ippsec YT is deleting my comments! Seems i Have a buzzword in it.
damn for a sec i thought u figured out how to hack rekordbox because of ur logo
It's me your fan
What is this?? I'm lost but also interested.
I have no Iddea of hacking and coding, but sat through th whole video. still have no idea, what u did. but likd it anyway.
Amazing Sir, I've learnt a lot from you. Can you please cover the new IIS dos & rce cve?
Are you trying ssti on RUclips username filled 😂😂😂😂
49
@@tntxqx8281 yes I was 🐒
@@democsrf2793 thanks for showing interest 😝
Where can I learn it?
This box I had no clue how to exploit it
Sir please solve Active Directory labs related to oscp ❤️❤️❤️🙏
No way for me to know what’s on that exam.
He should rather do a live stream of exam itself.. 😂😂😂
This is the longest thing ive watched that i dont understand
Having Smartcard login is just a open door sign.
GD ANUBIS??
YOU SAID ANUBIS WRONG
Bro, U hacked my youtube recommendations , not box.
bro slow down a little bit and explains a little bit what are you doing and why are you doing and steps please....
Realy insane
Hello I have tried the Rubeus and reset multiple times; however, I keep getting this error KDC_ERR_PADATA_TYPE_NOSUPP
Proof @ippsec is leet: check the tmux time in the bottom right of his terminal @52:34