I have just passed my OSCP exam thanks to your incredible videos, watched every single video on this channel and it is definitely worth every minute I have spent here. Thank u so much ippsec..❤
Amazing, you live my dream! How often did you learn?
I have finished the OSCP in about 1 month as I have done about 12-14 hours a day, but finished the penetration tester path in the HTB Academy before starting the OSCP which helped me massively, definitely recommend studying the penetration tester path as it goes into much more detail than OSCP.
@B4ch4r Seriously 12 to 14 hours..? a day..?
You have that strong mindset, or discipline you want to call it, and you be grinding hard for hours in a month lmao
THE LEGEND HAS SPOKEN‼️
My precious
Awesome stuff, looking forward to getting more videos on command injection.
First HTB I managed to get user on without any walkthrough or hints. Very interesting to see how a pro approached it. Thanks for all the amazing content.
Thanks everyone for this course
Thanks man, your content is so good, I love it.....
Hey ippsec, thanks for the video. I have a question: when you googled the Ruby YAML deserialization, how did you think about that in the first place?
YAML Deserialization is pretty common. When untrusted input gets into things that can be turned into objects, deserialization is a common attack path.
Awesome work man! Regarding the $-, I don't think it is a junk variable in your example. $- is a special parameter that expands to the current options or flags set for the shell.
Ok, I know that de-serialization is the concept of returning an object from one shape to another. Why do you think this will help here?
I have a question. When you run the nmap and find port 22 open and see the keys, are those useful for anything? Are they public keys of the server?
Yes, public keys of the server, just used to prevent man in the middle attacks. Your computer saves them to the known hosts file and if it’s different your computer alerts you. They can’t just be copied as it doesn’t send the private key.
@ippsec thanks man
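The host-key check described in the reply above, as an added example that is not from the video or the commenters. It assumes plain (unhashed) known_hosts lines without markers, and the host name `box.example` and both keys are constructed for illustration.

```python
import base64
import hashlib
import struct

def make_ed25519_blob(raw32):
    """Wire format of an ssh-ed25519 public key: two length-prefixed strings."""
    name = b"ssh-ed25519"
    return struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw32)) + raw32

def fingerprint(blob):
    """Unpadded base64 of SHA-256 over the public key blob, prefixed 'SHA256:'."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host(known_hosts_text, host, offered_blob):
    """Return 'match', 'CHANGED' or 'unknown' for the key a server presents."""
    seen = False
    for line in known_hosts_text.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) < 3:
            continue
        hosts, _keytype, b64 = parts[:3]
        if host not in hosts.split(","):
            continue
        seen = True
        if base64.b64decode(b64) == offered_blob:
            return "match"
    # A stored entry exists but the key differs: this is the case the client warns about.
    return "CHANGED" if seen else "unknown"

# Constructed keys: only public material, which is all a scan of port 22 ever sees.
SERVER_KEY = make_ed25519_blob(bytes(range(32)))
OTHER_KEY = make_ed25519_blob(bytes(32))
KNOWN_HOSTS = "box.example ssh-ed25519 " + base64.b64encode(SERVER_KEY).decode() + "\n"

if __name__ == "__main__":
    for key in (SERVER_KEY, OTHER_KEY):
        print(fingerprint(key), check_host(KNOWN_HOSTS, "box.example", key))
```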
Just wanted to point out that the reason the payload at 9:15 didn't work is because the "&" in the payload weren't properly URL-encoded, meaning they were acting as parameter terminators. If the & were encoded properly, and the final $IFS had some sort of terminator character after it so that the 0 wouldn't be seen as part of the ENV name, it's possible the reverse shell would have worked fine.
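The two parsing rules from the comment above, shown from the receiving side as an added example that is not from the video or the commenters. The field name `ip` and the sample queries are constructed, and the shell-name pattern is a simplified model that also reports `$-`.

```python
import ipaddress
import re
from urllib.parse import parse_qs

# POSIX shell names are [A-Za-z_][A-Za-z0-9_]* and are matched greedily, so
# "$IFS0" is the (normally unset) variable IFS0, while "${IFS}0" is IFS then "0".
# "$-" is the special parameter holding the shell's current option flags.
_NAME = r"[A-Za-z_][A-Za-z0-9_]*"
_EXPANSION = re.compile(r"\$(?:\{(" + _NAME + r")\}|(" + _NAME + r")|(-))")

def shell_expansions(value):
    """Parameter names a shell would expand in value, in order of appearance."""
    return [m.group(1) or m.group(2) or m.group(3) for m in _EXPANSION.finditer(value)]

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def inspect_query(raw_query, field="ip"):
    """Report what the application receives in field and whether to reject it."""
    params = parse_qs(raw_query, keep_blank_values=True)
    value = params.get(field, [""])[0]
    return {
        "value": value,  # a raw '&' ends the value; '%26' stays inside it
        "stray_params": sorted(k for k in params if k != field),
        "expansions": shell_expansions(value),
        "reject": not is_ip(value),  # allowlist: only a literal IP is accepted
    }

# Constructed sample queries (not taken from the video): same text, '&' raw vs encoded.
RAW_AMP = "ip=10.0.0.5%3Becho${IFS}a&echo$IFS0"
ENCODED_AMP = "ip=10.0.0.5%3Becho${IFS}a%26echo$IFS0"

if __name__ == "__main__":
    for q in ("ip=10.0.0.5", RAW_AMP, ENCODED_AMP):
        print(q, "->", inspect_query(q))
```

Validating the field as a literal IP address rejects every variant regardless of how it is encoded, which is more reliable than trying to blocklist `$IFS` spellings.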
For some reason that I didn't find yet, my netcat is not listening and if I insert my IP in the input box, it starts loading for a long time but nothing happens. I'm following all the steps executed by ippsec but nothing happens. Does someone know what it might be?
"Nice, simple, easy box!"
Hahaha yeah...that was so simple... >.>
My heart ippsec.. I am a red teamer, but when we listen to a purple teamer... wawoo
It would be lovely if you do the boxes from the start with no knowledge of another channel then we can also learn how to face real challenges like the IFS problem here
Awesome video ❤
15:45 can't you just use the base64-encoded form in combo with $IFS or ${IFS}?
i love you
Push!
Second !!
Easypeasy
First!