HackTheBox - Perfection
Рет қаралды 12,818
Күн бұрын00:00 - Introduction
00:50 - Start of nmap
02:50 - Discovering the Weighted Grade Calculator which we will exploit
04:50 - Using FFUF to enumerate all bad characters and discovering we can't send any symbols
07:10 - Quick bash one liner with JQ to URL Encode each line of our wordlist
09:30 - Discovering a New Line character breaks the search for Bad Characters, then getting a shell on the box
14:40 - Shell returned, looking at the source code and seeing the "Bad Character" filter was really a regex whitelist
18:50 - Discovering mail that says the password format in the database
21:50 - Using hashcat Bruteforce mode to crack the password
@AUBCodeII 27 күн бұрын
Babe, wake up, new IppSec video dropped
@o3tg2w35t 20 күн бұрын
I learned pen-testing largely from these videos. Three years ago, I got my first pentesting job and somehow promptly forgot all about IppSec. Until today. It's such a great feeling, to know that all my studies paid off. I can finally understand the full content of these videos! Yipee!!
@NatteeSetobol 21 күн бұрын
I didn't know you could brute force with hashcat like that. I always learn something new!!
@Ms.Robot. 26 күн бұрын
❤🎉 another sweet drop from the Wizard of the Matrix.
@juandelpuerto5711 27 күн бұрын
Thanks, as always your explanations are gold!
@activ3Port 27 күн бұрын
the GOAT
@StefanŁukasik-m3k 27 күн бұрын
Solid as usual
@bread_girl_jane 23 күн бұрын
ippsec you’re one of my heroes but the way you pronounce ubuntu kills me lmao
@InsanexBrain 15 күн бұрын
thanks! great video as always
@felixkiprop48 25 күн бұрын
Let's rock❤
@alanbusque6645 27 күн бұрын
Thanks
@abdirahmann 27 күн бұрын
good vid
@Martin-Pentest 26 күн бұрын
Hey Ippsec i have a question that i guess is unrelated to this particular video but i know your the man to ask.. so i'm trying to figure out why if i type echo "password" | md5sum the output or string is totally different to the string i would get on say md5 hash generator online? Maybe i am being stupid but i guess i won't know if i don't ask.
@ippsec 26 күн бұрын
Without a -n, echo is putting a line break in.
@Martin-Pentest 26 күн бұрын
@@ippsec Well now i feel stupid aha.. problem solved. Thanks for the reply ipp your a legend 👌
@mohammadhosein6847 26 күн бұрын
you are so amazing
@kingzedge 18 күн бұрын
Aside from HTB and TryHackMe, what tools should I be playing around with on my computer in order to break into Cyber? I have a few ideas: Kali Linux, Linux GUI, Windows command prompt. What else should I download?
@ManuGram 27 күн бұрын
Really great content,i just wanna ask if you could do more mobile app hacking
@tg7943 14 күн бұрын
Push!
@sh22xpr 24 күн бұрын
I assume hashcat checks file each iteration instead of remembering it's content
@seM1c0l0n 25 күн бұрын
ffuf supports OS commands to encode input
@raphaelriera-v3b 25 күн бұрын
hey my burpsuite browser can't connect to the website
@j0hnc0nn0r-sec 14 күн бұрын
Hard to tell he ever had a speech impediment now
@nicollasalcantara6907 18 күн бұрын
My reverse shell is not working lol
@_Mann_Kasodariya 16 күн бұрын
can you make video about how can you have option to which search engines do waan search for it or give me name of softwer so i can to. if anyone know in chat will you help me into this 3>.
@admiralbaty 27 күн бұрын
semicolon ; Colon :
@amieemaya9472 26 күн бұрын
Lulz
@Blomma761 27 күн бұрын
First
@redxroomie 27 күн бұрын
Lol
@boogieman97 21 күн бұрын
Hey Ippsec, yesterday I got a new VIP sub for HackTheBox for a year. Haven't done any of the Sherlocks earlier until today. I really liked the LockPick3 Sherlock! Have you done that one yourself already ?