IppSec
Famous for detailed walkthroughs of Capture The Flag challenges and Hack The Box machines, breaking down each step methodically for learners ([securityboulevard.com](https://securityboulevard.com/2023/07/10-best-cybersecurity-youtube-channels-of-2023/)).

HackTheBox - Eighteen
The video walks through the Hack The Box machine “Eighteen,” an assumed‑breach scenario where the tester starts with a set of credentials for a Microsoft SQL Server. Initial reconnaissance with Nmap reveals only HTTP (IIS) and MSSQL ports, and the tester quickly pivots to the database using the supplied login. Key techniques include leveraging SQL impersonation (Kevin can impersonate appdev) to read the users table, extracting a PBKDF2‑SHA256 password hash, and cracking it to reveal the admin password “I love you one.” A RID brute‑force enumeration generates domain usernames, which are later used for password‑spraying via WinRM and the evil‑winrm tool to obtain a remote shell on the Windows 2025 host. Notable moments feature the line “Kevin can impersonate appdev,” the discovery of the cracked admin password, and the mention of the BadSuccessor exploit, which is still useful despite being largely patched. The tester also demonstrates handling of Flask cookies, zlib compression, and the challenges of domain versus local authentication. The walkthrough highlights how weak database permissions, reusable hashes, and unpatched Windows exploits can be chained to gain full system compromise, underscoring the need for strict impersonation controls, strong password hashing, and timely patch management.

HackTheBox - Conversor
The video walks through the Hack The Box "Conversor" machine, an ostensibly easy box that hides two distinct attack vectors. The target is a Flask‑based web application that accepts XML and XSLT files to generate HTML reports, while the underlying...

HackTheBox - Gavel
The video walks through the Hack The Box “Gavel” machine, focusing on a rare SQL injection that abuses a prepared statement by injecting the column name. After enumerating the host with nmap, the presenter discovers an exposed .git directory, clones the...

HackTheBox - Principal
The HackTheBox "Principal" machine centers on a freshly disclosed CVE 2024‑XXXX in the JJWT Java library, which mistakenly skips signature verification when a JWT’s signature field is null. Combined with an SSH daemon that trusts keys signed by an unprotected Certificate...

HackTheBox - ExpressWay
The video walks through the Hack The Box "ExpressWay" machine, illustrating how a seemingly simple box can be compromised by leveraging old, overlooked vulnerabilities. The presenter starts with a UDP Nmap scan, discovers the IKE service on port 500, and uses...

HackTheBox - Guardian
The HackTheBox "Guardian" walkthrough demonstrates a full‑stack penetration test, starting with network scanning and sub‑domain discovery that revealed a default credential (GU1234). Attackers leveraged FFUF to brute‑force accounts, accessed a chat feature, and uncovered a Gitea instance where the public...

HackTheBox - GiveBack
The video walks through the Hack The Box “GiveBack” challenge, showing how a seemingly ordinary WordPress site can be leveraged to gain full control of a Kubernetes‑hosted environment. The presenter first discovers that the site runs an outdated Give plugin (v3.14.0)...

HackTheBox - Soulmate
The video walks through the Hack The Box “Soulmate” challenge, emphasizing a disciplined, multitasked reconnaissance approach rather than a straight‑to‑code‑execution mindset. IppSec begins with an Nmap sweep, discovers only SSH and HTTP, then adds a host entry for soulmate.htb and...

HackTheBox - Signed
The video walks through solving the HackTheBox "Signed" machine, an assumed‑breach challenge centered on a Microsoft SQL Server 2022 instance. Starting with default credentials, the presenter demonstrates initial enumeration, discovers that the guest account lacks xp_cmdshell privileges, and pivots to...

HackTheBox - Imagery
The video walks through the Hack The Box "Imagery" machine, a Flask‑based web application exposing a gallery, login, and bug‑report functionality. The presenter begins with standard port scanning, identifies HTTP on port 8000, and confirms the service runs Werkzeug on...

HackTheBox - WhiteRabbit
The video walks viewers through the Hack The Box “WhiteRabbit” machine, beginning with a standard Nmap scan that reveals three open ports: SSH on 22, HTTP on 80 served by Caddy, and a secondary SSH on 2222 likely running inside...