Відео

Is this parrot or Kali you’re using?

What would be the best way for me to better ubderstand what you explain? Im a beginner and I don't get most of the stuff yiu show

Please sir ippsec can you make a video on the Mailing box?

Push!

duam you are so so good .....i like you man . real prof man ,

8:33 the power of friendship

"Your Nmap skills are top-notch! 🔥 Always learning from the best. Keep it up! 💪 #ProHacker"

22:21 why didn't PSSession worked???

I know a similar question was asked but i was curious for the privEsc exploit - is this something you just saw that it was an older windows DC and just gave it a whirl? is that vulnerability something you would just try against windows server 2008 and 2012 DC's off the bat? Thanks!

I want to try this out for my career can anyone put me through please?

16:15 apart from the username abd password, you forget to put the share

this called me ignorant in 10 different languages and finished it with a slap on the face.

Hey Ipp, did you know there's a town in Central African Republic named after a handsome man at 6.2716° N, 21.1951° E?

Can you make more videos for web apps? I think web app videos might get more views because web developers can also watch and understand so that they are able to better harden their site. Your videos are great but I have to dedicate my time completely to web development.

hi ippsec, i think free users only have access to one most recently retired box.

I didn't quite like this box, it was annoying because... Minecraft 😂 I think log4j could've been depicted using another service.

fuck this box

I think you are showing this log4j stuff from an experienced pov that dealt with it many times so you just know what to do each time, rather than showing the actual methodology a newbie would go through when they face a certain exploit for the first time.

I'm pretty windows by default now won't connect to a share unauthenticated. If you set up your share with a username and password on crafty, it works.

God this one was so annoying when it was active, so unstable lol

I actually exploited this using an actual minecraft account xd didnt know theres console client for this

ily

i cannot for the life of me get a reverse shell on this machine even when i follow this tutorial

I was searching for it...but youtube only gave me that he wanted... And now i found this

bro can u make font size bigger or use zoom in for whole video coz for me its hard to watch those text

Empire Last commit 5 years ago, still useful?

nice!

Love the breakdown! Very clear on your process

Nice! have you (or anybody here) tried cve-2024-4577 PHP-CGI remote execute on this? I tried it but it didn't seem to work and I don't know why.

you bestt <3

Nmap: No:`nmap -sV -sC ...` Yes:`nmap -sCV`, `nmap -sVCS`[Stealth mode] Complete[:`nmap -sVCSYU -O ..`[TCP Stealth(-sS), UDP + SCTP] Idk why you use this stupid, elongated syntax, and have been asking myself this for a reasonable while now...

this is amazing and insightful content thank you so much

It took me a while to figure this out, but you can also use John the Ripper to crack a salted hash. First, we need to create the file with the hash and salt, in the format <hash>$<salt>. I'll name it admin.hash: b8fd3f41a541a435857a8f3e751cc3a91c174362$d After that, we need to identify the format to be used: john --list=subformats | grep -i sha1 | grep -i '\$s' The command above shows us that we want to use the dynamic_24 and dynamic_25 formats: Format = dynamic_24 type = dynamic_24: sha1($p.$s) Format = dynamic_25 type = dynamic_25: sha1($s.$p) Since we don't know whether the salt is added before or after the string before calculating the hash, we have to test both formats. Finally, we need to run john with both formats: john admin.hash --wordlist=rockyou.txt --format=dynamic_25 After running john with the dynamic_25 format, we find out the the cleartext password that, prepended with the salt "d", generates the hash above.

This was amazing to watch❤.This pwns the Maze lile a true master.

What metasploit version is that?

@32:41 i think it is failing because you are supplying it with a PID (2336) number instead of PPID number corresponding to that which if i can remember it was something like 624.

Hey ippsec are you planning on doing any more live streams for ctf's and things in the near future? Would be great to be more interactive with you picking your brains and learning.. much love my friend 🖖

Push!

What's going on, UA-cam, this is IppSec, and today I'll apply for a job at Google Project Zero

Se garantiu man

i cant stand hacking on a vm so I have to reboot if i want to use a tool like ysoserial for a ctf :(

POV hackbox let's do it love from India ❤

what do you do when you encounter the completely new thing during challenge how do you cope up with that how do you manage to go to the next setup

Waiting for the usage machine as my SQLmap failed to retrieve the db contents

Legend. 🤘🏻🤘🏻

Hi

Hey Bro do you know where i can learn hacking instgram accounts

Are you god

You can use strace into a PID too.