watching ippsec keep trying to get /etc/passwd from a Windows machine made me feel better about myself :) he's actually human!

@damuffinman6895

Жыл бұрын

Lmao

Im a total beginner still watching these hard machines just because of you ippsec sir 👀 you are great wish me luck for my journey

Ippsec guru always rocks

Thanks, nice video

Its a great video.

Is that difficulty comparable with the oscp exam? If yes, I need to train more :)

Thanks

Thanks Ipp

❤️❤️❤️

Am I correct in stating that the two crucial mistakes of the admin(s) of this box were users reusing passwords, and winrm being enabled? (aside from being vulnerable to a SQL injection attack, lol)

I think the titles with just the machine name look way cleaner

@ippsec

Жыл бұрын

I agree - However, trying a few things to grow the channel and unfortunately, I believe the title has a significant role in the SEO.

Have you ever thought doing malware analysis? That would be good too

@ippsec . what are the specs for cpu/gpu for your kracken machine? hashcat is superfast it seems on your machine

@ShinigamiAnger

Жыл бұрын

Yes I'd like to know too, I have a good machine, but still hashcat takes forever everytime.

@ippsec

Жыл бұрын

This was a MD5 with no protection. I'm pretty sure it would go fast on any machine.

@ShinigamiAnger

Жыл бұрын

@@ippsec ah ok, I replied before getting to that point of the video. Thanks

at the end when i write the full-checkup.sh file in dev/shm and try to run system checkup, it still says something went wrong, after a few seconds seems like the machine automatically deleted the file I wrote, I even tried to only put echo 'hi' in the file to test, just in case there is a bug in my code, still says something went wrong, I followed all steps correctally, anyone knows what the problem is?

I was here to just copy what you do to just pwn the machine but, That was tremendous workload. I cant even image an insane machine if medium is like this. I have lots of work to do I guess to get a point where I pwn a machine on my own.

On the way to OSCP......🤩

I also want to learn what you have learned and I want it very much. Do you have a chance to show me a way?

a question, what is hotkey to send request when u're in repeater ??

@bethdevopsbunny7201

Жыл бұрын

default is ctrl+space you can change it in 'user options/misc/hotkeys/edit hotkeys' its the action "Issue Repeater request"

:D

why don't you use sqlmap

@ippsec

Жыл бұрын

It's not about getting the flag, it's about the journey. I could just try to run SQLMap everywhere but it is not perfect. I think understanding how to exploit things manually is important. I do show SQLMap on the login form at the end of the video, but where the union is there's a WAF that blocks SQLMap. Or worse, I have seen some apps get taken offline by SQLMap. I'm sure you can tamper your way around the WAF but I enjoyed learning the manual steps.

@WasiLi0x1e

Жыл бұрын

@@ippsec okey

Hey @IppSec love your content. you seam to have a slight audio issue this time. I think your noise gate is acting up. with headphones I can what I think is a fan in the background that is partially blocked but still getting through

@IppSec what you learn to get this experience I watching you from iraq 🇮🇶 😅