Hack The Box Walkthrough - Crocodile
Вставка
- Опубліковано 7 лют 2025
- In this video I walkthrough the machine "Crocodile" on HackTheBox's starting point track. We cover how to target a misconfigured FTP server and a vulnerable web application. If you would like a notes repository or written walkthroughs of these labs, check out my Notion repository here: jacobscheetz.n...
![[Unikernel Application Spotlight] TrailBase](http://i.ytimg.com/vi/KlgmSQ-sNs8/mqdefault.jpg)
He has the best hack the box videos by far! Everyone else just speeds through them and don't explain chit haha Thanks for your videos.
You're welcome! glad you liked the videos!
I gotta say as a beginner that I watched all the previous walkthroughs and summarized almost every detail you said. That way I was able to figure things out myself and how to go through and answer most of the questions in this challenge (up until the gobuster command, since I didn't know what it was or how to use it). And that just shows how good your explanations were because I'm an absolute beginner to this penetration test world so thank you very very much you helped me A LOT!!🙏🏼🙏🏼
Thank you SO much for this. I'm currently going through machines and reading the pdf instructions but seeing you do this IRT and using slightly different methods helps broaden my knowledge! Thanks again! Love this series.
is there any PDF instructions? I am not able to get gobuster login outcome from cmd.
Thank you for also explaining things, calling them properly and giving theory base
Back at it again my friend.
you great you are my model to pentesting you are a begginer to youtube youth for speech but you defined it well keep it up
Your videos are SO good. Greetings from Turkey!
At 11:00 what did you do to have the terminal show you potential paths for the wordlist?
i wasnt sure either idk but tab might do something
yep Jack Darton's right, its tab.
Can you show how to brute force it with hydra?
Can you do a tut on the new Machine Responder HTB added to the tier 1 machine group I cant find a Tut on it anywhere and Id like to continue to proceed Thanks alot.
Yeah I’ll definitely be covering it! I had plans to cover the other new box as well!
When I'm connecting ftp server and trying to list all the files and dirs (ls command), after a few seconds it outputs: 425 Failed to establish connection. What is wrong?
Great videos. Thank you for the content. I do have one question. Has anyone run into a "Permission denied" when getting allowed.userlist or allowed.userlist.passwd?
Yup. did you ever figure it out?
I figured it out, you were probably in the root directory like i was, which was not writable for my user. just go to a writable directory and you will be able to complete the xfer.
use sudo before your command
@@svenstubes I had the same issue and ↑ worked.thanks.
Wow I didn’t know about the ../ to mv files back one directory
how do we get to know that it has the php and js files ':) can someone clear this?
nice job
Thank you!
bro you will have my rerspect
Nice and clear Videos. I've subscribed :)
thx was stuck with the gobuster
❤❤❤❤
Keep doing this, you explain very well, and your english is very good so i understand everything!!!! also I can improve my english jijijiji : )
thank you very much
Nice
THX BRO
Error: error on parsing arguments: wordlist file "/usr/share/dirb/wordlist/common.txt" does not exist: stat /usr/share/dirb/wordlist/common.txt: no such file or directory
add "s" after wordlist ! it is wordlists
hi bro can you explain me what is for "-w /usr/share/dirb/wordlists/common.txt" in 11:36
-w is the flag for using a wordlist with gobuster. after, the /usr/share... is a full path to the file that's used as the wordlist. If you navigated to that directory, you'd find those .txt files.
gobuster reads the textfile to use it as a reference when trying to find hidden directories, basically trying a bunch of statistically possible names like "index" or "login", but it can be a huge list of words