If you want to see exclusive content and have the opportunity to game and chat with me about anything check out the patreon! Patreon to help support the channel! Thank you so much! patreon.com/stuffy24
Thanks for this video! I am doing the Penetrator Test on HTB and getting completely confused/struggling with a lot of this stuff. Videos like this really help even to show the mind set of how to pen test and the steps/process involved in joining the dots.
@@stuffy24 anytime if you can keep them coming I would really appreciate it. Some of this stuff feels like I need a tutor to show me how it all works haha
lmao it's funny how for the user flag the only step I didn't miss but fail was leaving the targeturi empty for the cms for the user flag in order to get the meterpreter shell. figuring it out for root on the other hand, I doubt I could do that on my own as a beginner. those 2 commands CMD="/bin/sh" and sudo php -r "system('$CMD');" were totally alien to me. thanks for the help
I like their business model because i can return to it later, you can use it without subscription too once boxes are bought I am starting with THM but moving to HTB after im more efficient because HTB is harder but THM is more instructive for beginners
It's probably because you have to set your LHOST in metasploit to your htb vpn ip which will be under the tun0 interface. but if you're on a vm ware then then that might be a problem to figure out just connect to the htb open vpn and note that the htb academy uses a different vpn file then your actual normal htbs just wait 10 to 20 seconds and use ping to ping the targets ip to see a response I'm using a rasberry pi instead of a vm but note that rasberry pi can't use stuff like burpsuite also vm will work you just got to figure it out
@@AlabamaLockPicking-Main I ran to multiple issues running a local Linux and wasted lots of time trying to troubleshoot/figure it you now I just use the local pawn machine if I start having issues
@ibrahimandong1572 did you ever figure it out because I realized that when using meta sploit some things will have a option for lhost and for the lhost it would usually have my private ip address set by default so I had to manually set the lhost to the vpn ip address you can just type set LHOST tun0 after setting a RHOST in msfconsole when using a htb vpn and that will fix your problem if that's the issue you're having
@ibrahimandong1572 is it just with msconsole because to solve your problem with that before or after setting a rhost type "set LHOST tun0" and that might fix you're problem because it'll try to set it to a different ip by default that isn't your vpn
Thank you so much!! Check out the discord in the description to get access to Livestreams and stuff to learn more! Also the Patreon members get 1 on 1 sessions so if you want me to teach anything specific! Also just throw out videos you wanna see and I'll try and make it happen!
I've been working on this for a while now, but for some reason, the php file won't upload to the server. I've followed everything, but I cannot figure this out for the life of me.
Hey man i respect your walkthroughs i have a question for you. I'm looking for a duo youtuber so we can work togheter would it be okay if you can have a chat with me about maybe a future project togheter?
If you want to see exclusive content and have the opportunity to game and chat with me about anything check out the patreon!
Patreon to help support the channel! Thank you so much!
patreon.com/stuffy24
Great and I will be interested in that
Thanks for this video! I am doing the Penetrator Test on HTB and getting completely confused/struggling with a lot of this stuff. Videos like this really help even to show the mind set of how to pen test and the steps/process involved in joining the dots.
Thanks for the kind words
@@stuffy24 anytime if you can keep them coming I would really appreciate it. Some of this stuff feels like I need a tutor to show me how it all works haha
On knowledge check, Im change default theme .php code to php reverseshell and call the website. Thanks for sharing msf way.
So valuable to watch this, thankyou.
Watching you go down the same path that I did, taught me that all I was actually missing was persistence 😆
Haha persistence is the strongest skill in this field I will tell you that! You got it though !
lmao it's funny how for the user flag the only step I didn't miss but fail was leaving the targeturi empty for the cms for the user flag in order to get the meterpreter shell.
figuring it out for root on the other hand, I doubt I could do that on my own as a beginner. those 2 commands CMD="/bin/sh" and sudo php -r "system('$CMD');" were totally alien to me. thanks for the help
@@banana-9959 absolutely glad it helped !
Great content, I really enjoyed your walkthrough. I hope you continue with the great videos. Thank you
Thanks so much!
Haha now I know what was wrong with the last assignment, I messed up my metasploit parameters. Thank you!
Thanks for the content I've read all of it but got confused at doing the machine that's what I came here for
Good content! Bravo! and would love to see your note taking techniques. I get disorganised with my notes
Hey thanks so much! My notes are available for Patreon members to access!
I like their business model because i can return to it later, you can use it without subscription too once boxes are bought
I am starting with THM but moving to HTB after im more efficient because HTB is harder but THM is more instructive for beginners
I can appreciate that! Never thought about it that way!
the metasploit doesn't work on my linux local installation keeps saying target is not vulnerable but works rideaway on the HTB VM
@ibrahimandong1572 did you verify you can communicate with the vulnerable machine from your local machine?
It's probably because you have to set your LHOST in metasploit to your htb vpn ip which will be under the tun0 interface. but if you're on a vm ware then then that might be a problem to figure out just connect to the htb open vpn and note that the htb academy uses a different vpn file then your actual normal htbs just wait 10 to 20 seconds and use ping to ping the targets ip to see a response I'm using a rasberry pi instead of a vm but note that rasberry pi can't use stuff like burpsuite also vm will work you just got to figure it out
@@AlabamaLockPicking-Main I ran to multiple issues running a local Linux and wasted lots of time trying to troubleshoot/figure it you now I just use the local pawn machine if I start having issues
@ibrahimandong1572 did you ever figure it out because I realized that when using meta sploit some things will have a option for lhost and for the lhost it would usually have my private ip address set by default so I had to manually set the lhost to the vpn ip address you can just type set LHOST tun0 after setting a RHOST in msfconsole when using a htb vpn and that will fix your problem if that's the issue you're having
@ibrahimandong1572 is it just with msconsole because to solve your problem with that before or after setting a rhost type "set LHOST tun0" and that might fix you're problem because it'll try to set it to a different ip by default that isn't your vpn
Awesome videos man! One of the best guys on UA-cam for sure!
Appreciate you!
Amazing content !! exactly what i was looking for
@@mcMonzeray thank you!
Love your video!!!! start my journey in HTB Penetration tester. Thank you your walkthrough and help me a lot!!!
I'm glad I could help
you are the best teacher!
Thank you so much!! Check out the discord in the description to get access to Livestreams and stuff to learn more! Also the Patreon members get 1 on 1 sessions so if you want me to teach anything specific! Also just throw out videos you wanna see and I'll try and make it happen!
Respect from my side sir...
Appreciate you!
Im still curious on why the file upload didn't work with metaexploit? did you ever find out?
I can't remember off top of my head now. That's been a bit ago
bump for the algo.
I've been working on this for a while now, but for some reason, the php file won't upload to the server. I've followed everything, but I cannot figure this out for the life of me.
Hop in the discord and put screenshot in #questions and we can hopefully help
Love your video!
Really helpfull I was just stuck at the upload part 😅😅
Thanks so much!
body you are good!
ty
did you pass the CPTS cert.?
I have no plans on taking it.
@@stuffy24 hmm...do you think it's worth the time
@ELASHWAL1000 depends on the person and the goals. For me no it's not worth the time money or effort. For you maybe it is idk.
nice one!
Thank you!
ありがとうございます
Hey man i respect your walkthroughs i have a question for you.
I'm looking for a duo youtuber so we can work togheter would it be okay if you can have a chat with me about maybe a future project togheter?
You can message me on the discord to discuss
@@stuffy24 Lovely m8
Thanks a lot brother
@@SophisticatedSignal thank you