Before privesc thoughts in my head - not too complicated, but getting the root is blown my mind, how much time it will take to know so many nuances? Thanks for the great video!:)
@ippsec with that ubikey stuff... Google said that the counter is F0801. You tried first 0801 (didn't work) and then 0F08 that worked. My question is.. why did it work? It is a very short number compared with the one on the file. It wouldn't have to be F080? I hope i did explain well. Thank you for your content, it is amazing!!
1:19:07 I’m super confused what happened here. Surely you just changed the host header of your request, which would just hit a different vhost on the server - how did that end up changing the domain in the email? Or is it just naively assuming that the requested hostname is trustworthy?
When you eventually sent the password reset link and waited for someone to click it... Who did that? Is that something automated by htb, or is someone monitoring those accounts for this purpose? Might be a dumb question but I have no Idea and am very curious!
@@ippsec thank you... I've just read up about Cronjob now. I can only wish that one day I'll have the knowledge you have. Thanks for replying, and thank you for the amazing content!
quick note: I'm pretty sure that the import pty in python would've worked if used with /usr/local/bin/bash (unix/bsd style) instead of /bin/bash (linux style)... Great video walkthrough by the way... I'm still digesting all the info showed here as most of what was done is completely new for me.... thanks again for this awesome job!!!
so you have someone taking 2hrs+ of their time to post a walkthrough of an insane box for free and you focus on a dollar sign? oh lawd help this man lol
2 hours and 44 minutes of ippsec solving an insane box...
Popcorn time!
I was just waiting for INSANE box.Thanks all again legend
Me too...🤗
Perhaps legend is small word for him. He is way beyond legend.
@@muhammadzeeshankhan4947 True, No training institutes provides this gem for free,what this man does all alone.He will be always in prayers of us.
Oh...man this is a treasure... Meny things are resembles with real life Scenarios..
Insane box😃
Thanks you ipp...😍😘
This was insane. Great job as always
Ohh god yes three hours, love intense boxes, and as a system administrator I love monotonous s***
37:29 this thing happened to me in the new box. I kept thinking for 5 days that box is broken until I used Proxy with curl and capture it in burp.
this sure was a ride. learned a lot, thanks!
That was one hell of an insane box.
You are talented man.
Really tough box thank you ippsec
Before privesc thoughts in my head - not too complicated, but getting the root is blown my mind, how much time it will take to know so many nuances? Thanks for the great video!:)
dear god what a box
@ippsec with that ubikey stuff... Google said that the counter is F0801. You tried first 0801 (didn't work) and then 0F08 that worked. My question is.. why did it work? It is a very short number compared with the one on the file. It wouldn't have to be F080? I hope i did explain well. Thank you for your content, it is amazing!!
1:19:07 I’m super confused what happened here. Surely you just changed the host header of your request, which would just hit a different vhost on the server - how did that end up changing the domain in the email? Or is it just naively assuming that the requested hostname is trustworthy?
1:16:51 I wonder if nslookup was also doing an AAAA request?
Love the video watching while at work :) Can you do a tutorial on setting up BurpSuite and basic Tutorial ?
u best
When you eventually sent the password reset link and waited for someone to click it... Who did that? Is that something automated by htb, or is someone monitoring those accounts for this purpose? Might be a dumb question but I have no Idea and am very curious!
Cronjob clicking it
@@ippsec thank you... I've just read up about Cronjob now. I can only wish that one day I'll have the knowledge you have. Thanks for replying, and thank you for the amazing content!
You were writing notorious SQL queries
Cuál es el tema de la terminal?.me gustó los colores que utiliza
quick note: I'm pretty sure that the import pty in python would've worked if used with /usr/local/bin/bash (unix/bsd style) instead of /bin/bash (linux style)...
Great video walkthrough by the way... I'm still digesting all the info showed here as most of what was done is completely new for me.... thanks again for this awesome job!!!
How do you set up your machine?
Hey Ipp tu as fait quel formation en Cybersécurité? 😆 J'ai grave envie d'être ton élève enfin tout les abonnés le veulent
Is this box oscp level?
Not even close. OSCP is way way easier than this
there is a playlist for ocsp prep in ippsec's channel, most of the boxes are easy-med level.
Oscp boxes levels upto easy boxes of htb. Most of the medium boxes in htb are way harder than oscp
Do i need deep knowledge about vlan for hacking ?
pepega is a twitch meme lol
Clearly you didn't watch 24. President David Palmer.
respond to me server haha
whats with the annoying $ why do this it is confusing! turn that crap off!
so you have someone taking 2hrs+ of their time to post a walkthrough of an insane box for free and you focus on a dollar sign? oh lawd help this man lol
Lol someone’s mad
May not look pretty, but it's infinitely more annoying debugging issues created by trailing spaces.
Python is nigthmare of ident space error
Hey , do u have maybe a discord or some chat that i can contact with u ?
IppsecRocks
Lets take a moment to appreciate the nice workaround to google this week.
Awsome to see how a magician works, Ippsec.