Nice! I really like the second unintended method because it shows whoever discovered this knew how the code works in depth and how to exploit it. That's something I need to get good at!
Haha nope, didn't really know the code in depth. Had looked in depth after finding it. Null bytes are something I try a lot, and when it didn't throw an error at upload but the file never existed, I started debugging it and discovered what happened.
Amazing. Always great to see an IppSec video.
I always learn something new by watching your videos. TY
I remember popping this box. Figuring out the proper formatting for the file extension bypass was a pain. Trying all of them and also figuring out how to format it was educational. Once I got a foothold with that, it was a lot easier.
Great video! I actually have a few questions about the machine. There are actually two files where we can perform SQLi: product.php, as shown in the video, and cart.php at the product_id parameter. However, we cannot write files with cart.php and I couldn't figure out why.
Also, for the LFI part, we can't include the file if the PHP file was written to the /tmp directory. I was able to perform it on my machine, but the machine didn't like /tmp.
/tmp is a dangerous directory because of systemd PrivateTmp. MySQL and Apache have different tmp directories.
Learned so much from this one :) Thanks, sir
You can't spell Zipping without Ipp
Doesn’t make any sense
It is really hard to see URLs and payloads in the browser address bar. Can you zoom in a little when working in the address bar? Thanks in advance.
Keep it up
Bro that's insane
Can you kindly tell me which keyboard you are using?
Ducky Zero with Cherry MX Reds.
Sir, I have many issues on the Bookworm machine; please could you help me solve them 😉
There are tons of Discord servers where people do boxes together or help other people ;) That's also why I find the ranking a bit useless for most people; I interviewed a guy who was 48 or 58 on the ranking but couldn't answer basic web questions like what an SSRF is, and didn't know what magic bytes are...
@trustedsecurity6039 thanks for your suggestion, thanks a lot 🫡
Push!
Yay
I REALLY struggled with this one
Hi guys, beginner question here: should I avoid using Ubuntu as my main operating system? Does IppSec use Windows?
Ippsec uses Parrot OS - HackTheBox Edition
@younests.1824 VM or main host?
Miss you sir, please reply
Say it again like that, he likes it
I hate watching your videos. I try hard to be on your level but I can't. You make things look easy; I'm thinking of staying away from this field.
peace