how to be like ippsec

Hello Guys, Sorry for interruption and many thanks for the ones who are reading , anyway,i see lots of professionals like ippsec. and other guys overhere who are extremely unordinary who usually go for Brainfuck and impossible machines ,
may you please tell us how you guys became like that?? was it because you studied a lot or because you practiced a lot or because you guys had lots of experience or Dealed with a similar scenario,what is it about?
if any of you guys willing to help noobs like me please don't hesitate to type your reply,sorry if it is a useless question, but whenever i see how hard some machines are and i see people solving it i become disappointed ,thinking when would i become one of these cool professional guys?
so please would you give us some guide lines ?
Thanks for your efforts which will truely help,specially on privelege escalation...which is too tiring for me

Comments

  • Hey!

    This is not a useless question it's actually quite a legitimate question. Usually, people like ippsec have something that can trigger an understanding which makes it easier to work in the field. Let's take programmers/developers, for instance, most of the developers have out of the box thinking and use lots of logic. Not everyone can do it but if you practice enough you will get into the habit of thinking like that.

    In most cases, they either work in the field of Security, they have either studied Security or they may have been practising for many years and they have seen a lot of the challenges before. This doesn't only apply in Cyber Security but it applies to other fields too.

    Studying helps quite a bit like myself I am studying and aim to be a Pen Tester at some point in the future but to start off I need to practice and think like a Hacker!

    Anyway, I hope this helps and hope other more experienced people answer your question. :)

  • I will be happy to start a small group that pays pays ippsec to answer questions and coach us.

  • maybe the HTB discord could make an interview...

    peek

  • Type your comment> @peek said:

    maybe the HTB discord could make an interview...

    This!


    Hack The Box
    defarbs.com - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • edited June 24

    Idk, it just all seems like it comes down to practice for me. The more boxes I do the easier the harder ones get. When I started on this place over a year ago it took me almost a week to do a medium box, now I could compete for first-bloods on them if I cared to stay up during the weekend nights to work on them.

    Of course, you also need solid theoretical foundations so you gotta read and study things like networking, kernels, windows internals, etc, but that should come on its own if you're curious and persistent.

    Hack The Box
    Null | Nada- | Zip | Diddly | Zilch+

  • Type your comment> @Xentropy said:

    Idk, it just all seems like it comes down to practice for me. The more boxes I do the easier the harder ones get. When I started on this place over a year ago it took me almost a week to do a medium box, now I could probably compete for first-bloods on them if I cared to stay up during the weekend nights to work on them.

    ^^ this

    it's possible that to some limited extent some people are just inherently "better" at solving certain types of problems, but everyone can get to a point where they're good enough that the difference is negligible.

    in the beginning, it's probably valuable to watch ippsec videos and read walkthroughs, but I'd argue the the most important things to learn are more about the process and less about the specific details.

    once you have a process which will reliably help you to detect what seems strange or interesting about a box, I have generally found it to be the case that I can find the answers I'm looking for by googling. the most recent box (Jarvis) is a good example of this. I wasn't immediately aware of how to escalate from a service account to a named user account, but I could tell nearly right away what type of problem it was and using that information I was able to figure out the solution using google. the same thing goes for the named user to root privesc. again in that case, just following standard privesc steps something stuck out right away, but it wasn't something I'm very familiar with and it took a little googling to figure out how to take advantage of it.

    the one thing i'd caution against is turning to the forum too early every time. in the beginning, if you don't have the basics down, videos or help from the forum probably does give a sense that you're learning a lot, but bear in mind that learning how to find the answers yourself can be an equally (or more) valuable skill in time.

    in any case, if you invest the time and keep practicing, you will get better and eventually you'll get to a point where you're mostly having to look up little trivial things on a majority of boxes.

  • Many, many, many hours spent simply doing it, and doing the research that comes up along the way. It's pretty much the path to becoming an expert at anything. Sorry that's kind of boring.

    LegendarySpork

    my badge doesn't work, click on my profile if you want rank and stuff

    Taking a break from HTB through Dec 2019 in order to focus on other projects.

  • you gotta eat sht to know sht

    you got to eat shit to know shit

  • How did Keanu Reeves become John Wick? It's the old adage, practice makes perfect. Work on every active machine and challenge here in HTB, and even CTFs you can get your hands on. Read write-ups and video tutorials from @ippsec. Do that long enough, you'll be able to tell Morpheus, "I know Kung-Fu".

    I think it all boils down to an individual's learning style. For me, I learn best by doing. And yes, write notes, lots of notes...

    limbernie
    Write-ups of retired machines

  • How do i become Kevin Mitnick please?

    cyberus17l

  • I believe practice and experience has a lot of roles to play in this field. You can join our HTB discord noob community. You will meet noobs and pro's like Ippsec who are there to give you listening ears for your questions and challenges in solving HTB boxes and becoming better. use this invite link https://discord.gg/6XKdrGz Happy hacking.

  • Type your comment> @cyberus said:

    How do i become Kevin Mitnick please?

    rofl xDD allright man thanks for your advice,
    anyway thanks guys for your advices and thanks a lot for all the people who replied , it seems that we can't get anywhere without practicing like everyone said, i think i am on the right path then,
    anyway thanks a lot for sharing your thoughts and experiences with me , and a problem of any noob is the privelege escalation,is there anything like a research or something that makes it a little bit not complicated ! i mean i find it a bit hard to privelege escalate and sometimes impossible, so any help regarding that will be appreciated, i will join D2D ,Thanks a lot .

  • for linux priv esc, i start that way:

    forum and security...

    https://pastebin.com/qvq5YC74

    peek

  • Type your comment> @baltazzar said:

    Type your comment> @cyberus said:

    How do i become Kevin Mitnick please?

    rofl xDD allright man thanks for your advice,
    anyway thanks guys for your advices and thanks a lot for all the people who replied , it seems that we can't get anywhere without practicing like everyone said, i think i am on the right path then,
    anyway thanks a lot for sharing your thoughts and experiences with me , and a problem of any noob is the privelege escalation,is there anything like a research or something that makes it a little bit not complicated ! i mean i find it a bit hard to privelege escalate and sometimes impossible, so any help regarding that will be appreciated, i will join D2D ,Thanks a lot .

    Hey bro i can of need your help am lost just new here here please

  • Type your comment> @Muzec said:

    Type your comment> @baltazzar said:

    Type your comment> @cyberus said:

    How do i become Kevin Mitnick please?

    rofl xDD allright man thanks for your advice,
    anyway thanks guys for your advices and thanks a lot for all the people who replied , it seems that we can't get anywhere without practicing like everyone said, i think i am on the right path then,
    anyway thanks a lot for sharing your thoughts and experiences with me , and a problem of any noob is the privelege escalation,is there anything like a research or something that makes it a little bit not complicated ! i mean i find it a bit hard to privelege escalate and sometimes impossible, so any help regarding that will be appreciated, i will join D2D ,Thanks a lot .

    Hey bro i can of need your help am lost just new here here please

    Sure thing bro

    cyberus17l

  • Type your comment> @Xentropy said:

    Idk, it just all seems like it comes down to practice for me. The more boxes I do the easier the harder ones get. When I started on this place over a year ago it took me almost a week to do a medium box, now I could compete for first-bloods on them if I cared to stay up during the weekend nights to work on them.

    Of course, you also need solid theoretical foundations so you gotta read and study things like networking, kernels, windows internals, etc, but that should come on its own if you're curious and persistent.

    This is inspiring. I'm at the point where it takes me a week to do a medium box, 45 days on here and I've only got 5 flags. Maybe if I can keep obsessing as hard as I have been for the past month and a half I can relate to your statements even more.

  • ok for my brothers , noobies and beginners like me , get Discord and join the community, lots of helpful people there,vip is important , it gives you much valuable experience, and if you need help come on discord, all the community help each other there, people are so good

Sign In to comment.