I really don't understand how this machine is considered "Easy", and i'm terrified what will the "Medium" ones be...

@waybetter4462

3 ай бұрын

Welcome to the Hackthebox community!❤😅

The invite code thing is like looking at something you wrote when you were in high school. You remember that it really broke your brain when you did it initially, but all the experience you have gotten since then has made it beyond trivial.

I’m glad you said you had trouble solving the invite code back in the day because so did I lol

I am not the only one who had to lookup the invite code! Great box, brings back memories for sure

This was one of the best videos you made. I love seeing your methodology and problem-solving techniques in the face of the unknown, it gives me the strength to keep learning. Do more like this, please!

Do you go through the boxes before filming or are you just naturally talented? :) great video as always

this is a different level of amazing watching, after solving this - still learned a lot

Congrats on 200K

Great work - waiting for the next one

An ippsec vid on a Wednesday? This feels like when GoT episodes gets leaked 😂

Nicely done, thank you 👍

I love everything about this and can't wait for you to complete the cliffhanger!

@ippsec

Жыл бұрын

It will be slightly longer than I expected, it's a lot more complicated than I expected. But I'll certainly put something out there soon as I can. You can see I created an issue on Linux Exploit Suggestors repo :)

Hey Ippsec, I have a question regarding the regex in remove_special_characters. I have seen this regex used in many web applications, some as apart of ID sanitisation in dynamic queries. I got them impression from your video that it'd be possible to bypass this regex. Would it be possible to comment on it further? It might even be a good separate video. Thanks

Which computer and software do you use

Any idea where he uploaded the next part of the video "Beyond Root- Adding overlay FS"?

Bravo maestro)))

Wow thank u

Thnx!

so do you use everytime put, if you want to update smth?

Do you prefer ferobuster or gobuster?

I really missed "We have alreadyyyy rannnn itt "

I saw this machine getting released on HTB, now it's no longer present. Is it only for you to show us your approach to solving machine or?

@huntit4578

Жыл бұрын

Its Retired

@huntit4578

Жыл бұрын

You can still access it

Hey man do you know why i cant i get "Server Not Found" when i try to load up the site on that machine?

This box is so intimidating. If this is considered easy then I'm scared of what's to come

CHEF CRISP WUZ HERE!

Using JS-Beautify 1.15.1 and CyberChef, both seem to fail to de ofuscate the javascript min.js file

@colmcarroll3413

27 күн бұрын

I had the same issue but ChatGPT worked for me

Is it possible that you will solve the soccer box without using sqlmap? I've been really struggling with it, plus I think its a really interesting machine. Regards from Spain :)

@ippsec

Жыл бұрын

Nope I’ll use sqlmap. There are videos where I do Boolean injection without it

@ruthlozanorodriguez207

Жыл бұрын

@@ippsec Okay! Thanks eitherway for all the content you give us ☺

Do you have more videos of solving boxes without previous experience with them?

@ippsec

Жыл бұрын

Some of the Easy ones back in like 2021 probably. There was a time when I did them more blind, but I started reviewing boxes before they went live to players, so its hard to do a true blind play through.

@leakim4975

Жыл бұрын

@@ippsec Ok thanks. Love your content and Im always learning something new from every video! Keep doing your thing!

first time seeing that kracken what is it? a custom machine made by you or a new server to crack hashes?

@ippsec

6 ай бұрын

Its just a box I have on my network.

Push!

I didn't understand why we would need to add the hostname to the hosts file? And how do we get to that conclusion by entering to the website and getting the not found result? (I started HTB a few weeks ago, I'm still a noob, can someone explain me?)

@ippsec

4 ай бұрын

When doing these types of CTF’s there is no DNS Server. Some websites do virtual host routing, which makes DNS important. Editing the host file mimics having a dns server. I don’t remember how this box leaked the hostname but I’m sure if you watch from nmap, it’s probably around there. Normally it’s ssl certificates

@joaobeja2076

4 ай бұрын

It was from nmap! Thanks for the help !!

Oh no, my calendar must be two days off‼️😅

sir i am a free user of hack the box and i cant get the virtual machine in my windows for longer time is there any other option to get virtual machine for free inmy windows to work for the machines in hack the box sir

How do you display your own IP in your terminal prompt? Please let me know

@alexb9771

5 ай бұрын

ip a

how to copy text from tmux & pasting outside tmux ?

@james-wihz

Ай бұрын

for now my discovery is to used shift and select text I want to copy and right click to paste it. Wonder, how do you purely used command :)

Hi!

31:07 interesting..

why do we need a header? and why should the header be a cookie?

@ippsec

11 ай бұрын

Helps if you put a timestamp of where your question is. I don't know exactly what you are asking

@rockedwow7217

11 ай бұрын

@@ippsec sorry about that. the time stamp is 17:17

@tnwhitwell

11 ай бұрын

It’s because it’s an authenticated endpoint - you need the Cookie header for an authenticated session

AAA!

Oops! Go back to the old school :v

Ipp, you should create a box called "Your mom"

ssh kracken command not given output as how in video instead it gives failed to resolve hostname or Service anyone can help me with this

@ippsec

11 ай бұрын

Kracken is a box on my network, you can run hashcat on your computer

mice

Wtf?))

I'd like to understand more how the command injection vulnerability works.

I don't know why this box is rated as "Easy" it's pretty far from it

@dharanisanjaiy

Жыл бұрын

I guess, u r new to HTB platform 😂