From what I can tell, ippsec is mainly just editing the http requests to different sites. I don’t think you need to learn web development but it will sure help a ton! If you have two years I would definitely Atleast learn the basics. But definitely …
Type your comment> @skate4ever said:
> I've been working for a few days on exploit, but I think I've lost sometime. I think I got the points I need to get root it's the first time a write a exploit using ROP, but I could not find the right fu…
Type your comment> @Kwicster said:
> Hey can anyone give me some pointers on the binary exploit? I managed to get it working locally, but realized that the target machine doesn't have the library i used to create the exploit and I'm kind of a…
Oh man.... BOF wise I would check out Ellingson... Get through that and you should have no problem with the BOF on the exam.
As for pivoting, I'm currently on Ghoul and theres so serious pivoting going on. Spent a day just learning about it to be ab…
I'm stuck on the second pivot... Are the same keys supposed to work as in the first and second box? I keep getting a permssion denied error. Not sure if it's because I'm doing something wrong or something is just screwy with the keys I got.
Type your comment> @meowzilla said:
Since this seems to be the part everyone gets stuck at I’ll chime in. I had this same problem. Worked on it for 4 days without making progress but I finally got it.
If you’re popping a shell locally i…
Yea man I reference ippsec video for so much stuff. His videos are life savers. The way I do it is when I have free time I’ll just watch his videos all the way through. Then when I actually start working on boxes, scenarios will present themselves t…
I'm stuck at the pivoting part. I have a root shell but I'm not quite sure how to go about pivoting to acquire the other. If anyone has any links or reading material that could help me learn this and get further i'd greatly appreciate it. :)
All the users you found have their own passwords that need to be obtained. Same way you found that password you can find the other passwords that will work somewhere else.
Type your comment> @CurrentUser said:
Maybe find a service that usually requires authentication and try it with that. I don't really remember this box but I'd be happy to help in anyway I can if you refresh my memory.