I like your way of doing these boxes "unprepared". I learn a lot from you keep fighting your own errors. More often than not you do something "minor" which I've never heard of, or did myself or even would have thought about. So, don't worry about it too much. At least I like it. ;)
Hey IPP is there any chance you can do some explaining videos just talking through the consepts of the different exploites and attacks you use in a bit more detail to give some more background knowledge to your CTF videos
I don’t believe so, not free at least. Honestly it’s just not fun to put together the material to explain that stuff efficiently. Maybe one day I’ll have enough of a following to where i could make a living off of training/content creation but that’s years away if at all.
IppSec well I think u deserve more of a following as the content you create is great however mabey it's because it isn't being recognised by the UA-cam audience as it's quite full-on however keep doing what u do as I love Ur videos
Just google around for Frame Buffer on linux, that's what the /dev/fb said -- When I did the who command, it showed yossi was logged in and being in the Video Group I could view the "monitor" (/dev/fb0)
Is it possible to increase the volume of your audio going forward? I always find it really quiet and hard to hear, which makes it hard to follow and i'm often having to rewatch sections just to catch what you said. Great videos though, learnt a lot.
Great technique on the debugfs, did not know about that one, I ended up dd'ing the whole drive over scp, took some minutes but was able to recover root.txt that way
If we map wget ubuntu patch for CVE-2016-4971 ( bugs.launchpad.net/ubuntu/+source/wget/1.17.1-1ubuntu1.1 ) it falls on June 2016, whereas SSH banner maps to Jan 2018. Of course this vuln is patched.
btw you can also put metasploit modules modules in $HOME/.msf4/modules/exploits/..... if they don't require any special framework changes. So you don't have to clone the whole git repo (and maybe ruin your installations because of bundle install :) ).
Good call, created the skeleton now just in case i need it. Hadn't dont it because I forgot the directory structure and didn't feel like doing it live haha
I remember you explained how to split the terminal windows like you do, I just can't remember which video it was. Could you or anyone point me to that video. Great video once again.
Indeed RationalLove was patched, the easiest way to detect is by following Ubuntu security notices ( ubuntu.com/security/CVE-2018-1000001 ) . "Released (2.23-0ubuntu10) " matches exactly our glibc version.
![WE GOT ACCESS TO GPT-3! [Epic Special Edition]](http://i.ytimg.com/vi/iccd86vOz3w/mqdefault.jpg)
Loved, that gid:6(disk) privesc with debugfs, that was badass !
I like your way of doing these boxes "unprepared". I learn a lot from you keep fighting your own errors. More often than not you do something "minor" which I've never heard of, or did myself or even would have thought about. So, don't worry about it too much. At least I like it. ;)
Thanks for showing the SQLi at the end. I always wondered how to do it without SQLMap
"perl get away" XD
I love manual SQLi technique. Enjoyed.
thanks ippsec for all your videos i really appreciate it and enjoy watching you .. and learning from you
thank you so much for all the videos ! very educational for me .
now im craving falafel
Great! Thanks for Sharing! Love the python stuff :)
A Million thank you for all of this , you Rock
This is really nice video and it has add more value to my work now.... hope to learn more thanks boss
19:57 I think Ippsec is talking about the Kotarak box
Hey IPP is there any chance you can do some explaining videos just talking through the consepts of the different exploites and attacks you use in a bit more detail to give some more background knowledge to your CTF videos
I don’t believe so, not free at least. Honestly it’s just not fun to put together the material to explain that stuff efficiently. Maybe one day I’ll have enough of a following to where i could make a living off of training/content creation but that’s years away if at all.
IppSec well I think u deserve more of a following as the content you create is great however mabey it's because it isn't being recognised by the UA-cam audience as it's quite full-on however keep doing what u do as I love Ur videos
Finally, thank you
Great vid as always ippsec. Where can I find more info/resources on how/what you did get the video output image?
Just google around for Frame Buffer on linux, that's what the /dev/fb said -- When I did the who command, it showed yossi was logged in and being in the Video Group I could view the "monitor" (/dev/fb0)
My favorite box!
Great video, thanks as always :)
Awesome video! Thanks!
Is it possible to increase the volume of your audio going forward? I always find it really quiet and hard to hear, which makes it hard to follow and i'm often having to rewatch sections just to catch what you said. Great videos though, learnt a lot.
Hope to increase it after Nibbles - Just ordered the Blue Yeticaster off amazon, so should be able to increase the volume and increase sound quality.
Great technique on the debugfs, did not know about that one, I ended up dd'ing the whole drive over scp, took some minutes but was able to recover root.txt that way
but why was it too long for the serv and not for your linux distro?
its too long for wget, not for the server. wget is the one cutting the filename.
Finally
If we map wget ubuntu patch for CVE-2016-4971 ( bugs.launchpad.net/ubuntu/+source/wget/1.17.1-1ubuntu1.1 ) it falls on June 2016, whereas SSH banner maps to Jan 2018. Of course this vuln is patched.
Thank you
Hey can someone help me enable monitor mode on channel 6 i am on channel 1 and cant change it
KingOfFalafel didn't work as the password, mini rabbit hole ;)
btw you can also put metasploit modules modules in $HOME/.msf4/modules/exploits/..... if they don't require any special framework changes. So you don't have to clone the whole git repo (and maybe ruin your installations because of bundle install :) ).
Good call, created the skeleton now just in case i need it. Hadn't dont it because I forgot the directory structure and didn't feel like doing it live haha
I remember you explained how to split the terminal windows like you do, I just can't remember which video it was. Could you or anyone point me to that video.
Great video once again.
The tmux video
very cool ! 1:18:39
Ana felfoul ohibou l foul .... 😂
bruh .... lol
Anas Tawtaw wtf hahahhaa
Amine A i hack kol anwa3 alkhodar wel boudour. Lol just joking
Great!! Can you also do a vulnhub machine if possible pls......
Thanks :)
Indeed RationalLove was patched, the easiest way to detect is by following Ubuntu security notices ( ubuntu.com/security/CVE-2018-1000001 ) . "Released (2.23-0ubuntu10) " matches exactly our glibc version.
where to find gobuster?!
Check out the Haircut video. Believe I show how to download + compile it there.
IppSec thanks so much for everything you have done
Any easy one to begin with ??
On my channel there’s a beginner playlist
IppSec thank you i will see
Guys I'am new,can you send me easily vuln. machine link
Ippsec master teach me your way
thank you for trick with python3