JSON - In Depth Video Explanation

This is my first video on any of the HTB machines and I’m going to make more for all of the other boxes I’ve completed, so really keen to hear any feedback you guys have.

In this one I’m getting the user flag on the JSON box that was just retired (the root flag video will be up later today) but rather than just show what I did, I decided to explain the ysoserial exploit in a lot of detail. I figure that’s a lot more useful for most people that are watching walkthroughs.

So yeah let me know your feedback, good or bad

great!

That is great that you explained how deserialization works. It will definitely help those without (or with small) web development background, including me
I think people appreciate vidoes that shows whats going on in depth, rather than just rushing for the root.
Thanks for your work

Thanks for the positive feedback so far guys. Keep it coming (feel free to suggest things that could be improved for future videos)

The root part (three methods to get root) is now up:

@VbScrub said:

This is my first video on any of the HTB machines and I’m going to make more for all of the other boxes I’ve completed, so really keen to hear any feedback you guys have.

This is great - nice work.

@TazWake said:
This is great - nice work.

Cheers

good job man!,

I did two ways in kali, in the last method, I use ssh and wine

Type your comment> @Str0ng3erG3ek said:

good job man!,

I did two ways in kali, in the last method, I use ssh and wine

Thanks! and yeah there’s plenty of other ways to do the port forwarding, but I fancied writing my own tool for it and it was a good learning experience