TryHackMe! Sudo - CVE-2019-14287
Vložit
- čas přidán 27. 08. 2024
- If you would like to support me, please like, comment & subscribe, and check me out on Patreon: / johnhammond010
E-mail: johnhammond010@gmail.com
PayPal: paypal.me/johnh...
GitHub: github.com/Joh...
Site: www.johnhammond...
Twitter: / _johnhammond
1:44 - port scanning /w nmap
2:43 - Web vulnerability scanning w/ Nikto
2:50 - finding web dir /w gobuster
6:18 - cracking password /w hydra
7:11 - FTP login
10:17 - doing some forensic stuff
11:20 - cracking zip file
14:54 - SSH & finding task 4 answer
20:48 - Privilege Escalation
Always fun to watch John Hammond doing some TryHackMe room, hope my channel can grow as good as John Hammond
I was just watching an ippsec vid and he has chapters with titles and descriptions that display when you hover over the seek bar. I guess this is a new feature in CZcams , at least its the first time I've noticed it. The feature should save you some keystrokes 👍🏻
This is AWESOME! Thank you so much for the timestamps, I really need to put stuff like this in my other videos!
All your videos are amazing 👍!!
I don’t know why, but I find your TryHackMe! videos to be super relaxing. I only vaguely understand what you’re doing, because I don’t possess any of this IT knowledge that you’re implementing. Thanks for the great content.
Happy to hear that! You'll definitely pick up the skills and the IT knowledge if you keep watching more, I think! Thanks so much for watching and thanks for all the kind words!
Agent Sudo is so awesome, especially if you're like me and have never gotten into steganography. Not to mention seeing you doing it with your knowledge is even more awesome! Thank you, John!
It makes me happy that what you did was more or less what I wrote in my writeup as a beginner back in December, awesome that I did it like you too!
I love how every morning I wake up and there is a new video waiting and new things to learn!! Very cool video :)
Hopefully I can keep up the every-week-day uploads! Thanks so much for watching!
Your videos are rlly chill and I like to watch solve CTFs that I solved :D
Thanks for uploading :3
Du auch hier
Happy to hear that! Thanks so much!
@@Noah-hk4ec
Schon lange xD
Addicted to John's explanations
I just got here (on your channel) this week and i'm learning a lot from your videos, thank you! Keep doing them, they are awesome!
nice!!
In this machine Linpeas reported permissions in lxd so I mounted a container and get root. I didn't know about this CVE :')
say it with me John - 'autoSPY'...the box is agent sudo after all :D
You make very good tutorials 🖒
Thank you so much! Appreciate all the kind words!
@@_JohnHammond Hi John, would love to see more Windows side stuff, Im currently studying for OSCP & I know there is a lot of Windows based, most of the stuff we tend to learn from CTF is all linux based, which is fine, for e.g. Could you do a review or something along the lines of using tools like psexec.py, crackmapexec etc... More Active Directory based attacks (or your next video for Attactive Directory) :) Thank you
19:26 *"2.2.3 Crash at Corona."*
Theyve planned this whole thing back then already 😦
Lol
Nice room John! I've learned some nice stuff with this video. I'm new in the hacking world, I started in THM a week ago and I'm learning a lot. Keep up with the good content, greetings from Argentina!
Of course I never get to exploit this bug when I want to find it, but I watch a video and there it is :)
Good video tho!
Thanks so much! And thanks for watching!
@@_JohnHammond I'm 22 but I wanna be like you when I grow up hahaha
enumeration videos like this is great to learn file extractions and finding hidden stuff
Nice one, thanks, always cool to watch 👍
damn dude, subscribing forsure! Awesome content in all your videos. Thanks a mil for the knowledge. :)
thanks for making these videos. helpfull to see someone elses sollution!
ngl I was also fetching Alien_autopsy.jpg , fun room and great video as always !
How did you know to try curling the website with an added header? That seems so random is that a very common technique?
omg very informative... like even for starters. greatwork!
oh man, I spent sooo long trying to find a steno tool that would work with PNG files... when I eventually tried binwalk I then spent ages trying to work out how to extract the extra data... had no idea binwalk would do that for me :D
Had to come here for the image title lmao
your videos are very entertaining, keep going D:
thanks i learned so much
Thanks man
Very cool!
I would love a video on how you setup kali and all your tools. These tryhackme vids are awesome tho!
hydra part was great. i watched your CTF videos from 2018 and it was very useful? Do you have a place where all your past videos can be listed?
Why did you immediately chose binwalk when you found that string in the png? I personally spent time using stegcracker on both images hoping there was some regular form of stenagraphy
Thank you very much, how long does hydra normally take?
Great video!
What type of machine are you using ? is it a ubuntu VM if yes would you share the tools installed on it. i also assume your using tmux. great content btw
John uses Terminator rather than tmux
You are amazing
John, how do you use kali tools on Ubuntu? You installed them with Katoolin?
Thanks for the tutorial.....
I got stuck on the zip file section. I did not see anything related to that. I’ll have to research the “binwalk” command, since this is the first time I’m hearing about it.
dud ,what is the name of the music in the end of the video ?
what terminal emulator are u using john?
Those fonts at 0:42 look cool!!! What are they called?
i used burp suite for change the user agent to C in repeater but it didnt work?
Really cool!
your cam is on the command way
You can also do this with lxd privesc.
Sry for this question, but I am really knew to this stuff. How can I access to the scripts which you are using?
I’m sure your asked a lot but do you have a link or guide to install the tools on Ubuntu your using?
The pain in this entire video is the exact reason I purchased a subscription with Tryhackme lol... so much faster and a lot more stable.
Hi can you make walkthrough the burp suite room. it is not free but want to learn this badly.
After ubuntu 20 arch you came back to 16 why 🙄🙄
Super.....
cool vid, but it's super annoying having your face over the commands your typing lol can you move the active console pane to the top or hide your camera when typing?
when trying crack the zip2john file i named " cracked.txt" is not working any ideas ? i have the output
john --wordlist=/usr/share/wordlist/rockyou.txt cracked.txt
Using default input encoding: UTF-8
Loaded 1 password hash (ZIP, WinZip [PBKDF2-SHA1 256/256 AVX2 8x])
No password hashes left to crack (see FAQ)
I have the same problem. Did you find a solution?
♥️
❤️❤️😍
make videos editing hangout streams !! 😀
2 openvpn connection just like in the king of the hill live
I'm so bad with that -- I really need to script that to kill it and bring it back as just one instance! Thanks for watching!
I feel like the last couple of videos have been unpolished at the begining.
I feel like i takes 0 effort to clear stuff from previous videos, deploy the machine, make a directory and open a text file with the IP copied.
In my opinion this can all be done before the video starts thus avoiding the first/first and a half minute of the video.
Bash files open
I'ld like to learn basics for free give me advice as soon as possible pls
13:03
it was not easy :s
Im the 1000 liker
good tutorial.. but too fast.
Everything goes smoothly until i have to use John The Ripper piece of crap software that is completely broken and bugged lol
ahahhahaha, cringe. i dont wanna see that!!!!!
Your videos are Nice to watch but You're way too fast and don't explain very much Sadly