SQLi, SSTI & Docker Escapes / Mounted Folders - HackTheBox University CTF "GoodGame"
75,038
Published 2022-02-03
Find some tips and tricks on their blog! j-h.io/htb-blog
For more content, subscribe on Twitch! twitch.tv/johnhammond010
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: patreon.com/johnhammond010
PayPal: paypal.me/johnhammond010
E-mail: [email protected]
Discord: johnhammond.org/discord
Twitter: twitter.com/_johnhammond
GitHub: github.com/JohnHammond
If you would like to support the channel and I, check out Kite! Kite is a coding assistant that helps you code faster, on any IDE offer smart completions and documentation. www.kite.com/get-kite/?utm_medium=referral&utm_sou… (disclaimer, affiliate link)
All Comments (21)
-
John: Literally shows the first docker escape I've ever seen Also John: "Wow I'm a dumbo"
-
When you didn't see the output for 22 port, it was because of your command. You did '> /dev/null' which made the succesful results go to null. What was needed is this: '2> /dev/null'
-
Even though I can understand each step taken individually I wouldn't be able to string them together with my current skillset, but I did find solace in the fact that I had previously ran into and solved the bash -p hick-up. (*Insert Leonardo pointing meme here* The bash -p issue I ran across previously!)
-
Awesome video. Love your energy, your passion comes through and it’s contagious.
-
Love watching you work John! Thank you.
-
yo btw Thought I would just say, I recently found your channel and with every video I watch I learn something new, interesting, or another way of doing something I never even thought of! I love your content and I am pretty sure I will be a consistent viewer from now on. Keep up the great work John! :D
-
I can’t believe how it only has one star of difficulty. I could never get that far
-
just wow man.. watching you do this is so satisfying. So inspiring. WE. WANT. MORE!!!!!!!!
-
man the privesc was insane!! I didn't know that technique. Thanks John,
-
"We're root supposedly....but we're supposed to be user. Did we skip that?!" John out here too good for these level 1 boxes haha
-
Just started CTF and i love the challenges, my work is mind numbing, so these challenges are a great way to spend the remained of my work day.
-
this is gold, thanks a lot John!
-
that was a cool privesc. learn't alot from this video. thanks!
-
You are a master at your craft. Awesome video.
-
Just a big thanks, u r the MAN✊🏻
-
Dude this is insane man, never though it would be this easy.......
-
mounted file systems are dangerous, that was fun to watch!
-
Brilliant video, thanks
-
4:30 "People are all excited about Battlefield" That didn't age well...
-
Wow I loved the video. Thanks